| Server IP : 172.67.131.151 / Your IP : 104.23.243.227 Web Server : Apache System : Linux keen-cori.18-142-40-148.plesk.page 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 06:59:36 UTC 2025 x86_64 User : simottodesign.com_2tntp341vs7 ( 10011) PHP Version : 8.3.31 Disable Function : opcache_get_status MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/log/ |
Upload File : |
--2cd33519-A--
[01/Jul/2026:00:04:50.963542 +0000] akRZovjsclQy8ZWn19a4dwAAANE 172.71.124.200 34486 172.26.37.160 7081
--2cd33519-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.124.200
X-Forwarded-For: 117.0.21.154
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic c2ltb3R0bzpzaW1vdHRvLjEyMw==
accept: application/json
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
accept-encoding: gzip, br
cf-ray: a14127da6976cdee-SIN
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 117.0.21.154
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--2cd33519-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2cd33519-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.simottodesign.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRZovjsclQy8ZWn19a4dwAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782864290960366 3267 (- - -)
Stopwatch2: 1782864290960366 3267; combined=1360, p1=307, p2=999, p3=0, p4=0, p5=53, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2cd33519-Z--
--49f79f75-A--
[01/Jul/2026:00:07:06.694315 +0000] akRaKvlUqioljMZOAlNbewAAAEI 45.92.108.143 41552 172.26.37.160 7081
--49f79f75-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 45.92.108.143
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWJjMTIz
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--49f79f75-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--49f79f75-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRaKvlUqioljMZOAlNbewAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782864426691296 3091 (- - -)
Stopwatch2: 1782864426691296 3091; combined=829, p1=276, p2=496, p3=0, p4=0, p5=56, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--49f79f75-Z--
--1acfd97b-A--
[01/Jul/2026:00:11:05.669196 +0000] akRbGflUqioljMZOAlNdIQAAAEs 107.3.193.3 37602 172.26.37.160 7081
--1acfd97b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--1acfd97b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1acfd97b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRbGflUqioljMZOAlNdIQAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782864665666285 2969 (- - -)
Stopwatch2: 1782864665666285 2969; combined=1483, p1=318, p2=955, p3=0, p4=0, p5=140, sr=78, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1acfd97b-Z--
--94750142-A--
[01/Jul/2026:00:11:58.370941 +0000] akRbTvjsclQy8ZWn19a6mwAAANM 107.3.193.3 46670 172.26.37.160 7081
--94750142-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--94750142-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--94750142-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRbTvjsclQy8ZWn19a6mwAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782864718366222 4822 (- - -)
Stopwatch2: 1782864718366222 4822; combined=1127, p1=258, p2=714, p3=0, p4=0, p5=102, sr=59, sw=53, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--94750142-Z--
--b210ff01-A--
[01/Jul/2026:00:12:08.992355 +0000] akRbWPjsclQy8ZWn19a6ogAAAMs 107.3.193.3 44048 172.26.37.160 7081
--b210ff01-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b210ff01-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b210ff01-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRbWPjsclQy8ZWn19a6ogAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782864728989356 3061 (- - -)
Stopwatch2: 1782864728989356 3061; combined=1474, p1=310, p2=993, p3=0, p4=0, p5=111, sr=70, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b210ff01-Z--
--318aa05a-A--
[01/Jul/2026:00:13:12.758977 +0000] akRbmPjsclQy8ZWn19a60AAAANQ 107.3.193.3 40594 172.26.37.160 7081
--318aa05a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--318aa05a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--318aa05a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRbmPjsclQy8ZWn19a60AAAANQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782864792754086 6620 (- - -)
Stopwatch2: 1782864792754086 6620; combined=2013, p1=345, p2=1465, p3=0, p4=0, p5=138, sr=79, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--318aa05a-Z--
--7f627c38-A--
[01/Jul/2026:00:13:23.414738 +0000] akRbo-lUqioljMZOAlNdbQAAAFE 107.3.193.3 56844 172.26.37.160 7081
--7f627c38-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7f627c38-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7f627c38-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRbo-lUqioljMZOAlNdbQAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782864803410333 4485 (- - -)
Stopwatch2: 1782864803410333 4485; combined=2483, p1=337, p2=1963, p3=0, p4=0, p5=119, sr=78, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7f627c38-Z--
--dd68dc19-A--
[01/Jul/2026:00:13:36.772759 +0000] akRbsPjsclQy8ZWn19a63QAAAM0 20.194.33.3 54528 172.26.37.160 7081
--dd68dc19-B--
GET /wp-config.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 20.194.33.3
X-Accel-Internal: /internal-nginx-static-location
Cookie: wordpress_test_cookie=WP%20Cookie%20check
--dd68dc19-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dd68dc19-H--
Message: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/wp-config.php"] [unique_id "akRbsPjsclQy8ZWn19a63QAAAM0"]
Action: Intercepted (phase 1)
Stopwatch: 1782864816772013 792 (- - -)
Stopwatch2: 1782864816772013 792; combined=263, p1=196, p2=0, p3=0, p4=0, p5=66, sr=82, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dd68dc19-Z--
--aa298e57-A--
[01/Jul/2026:00:13:40.057754 +0000] akRbtPlUqioljMZOAlNdfwAAAFY 43.129.169.161 44644 172.26.37.160 7080
--aa298e57-B--
HEAD /Core/Skin/Login.aspx HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 43.129.169.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: no-cache
Pragma: no-cache
Proxy-Connection: keep-alive
--aa298e57-F--
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=iso-8859-1
--aa298e57-H--
Message: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/Core/Skin/Login.aspx"] [unique_id "akRbtPlUqioljMZOAlNdfwAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782864820056246 1555 (- - -)
Stopwatch2: 1782864820056246 1555; combined=632, p1=275, p2=308, p3=0, p4=0, p5=49, sr=65, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aa298e57-Z--
--e8540720-A--
[01/Jul/2026:00:14:38.865198 +0000] akRb7ofKP2fTo4DxoZk6UwAAAQA 107.3.193.3 57492 172.26.37.160 7081
--e8540720-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e8540720-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e8540720-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRb7ofKP2fTo4DxoZk6UwAAAQA"]
Action: Intercepted (phase 2)
Stopwatch: 1782864878031812 833457 (- - -)
Stopwatch2: 1782864878031812 833457; combined=1636302, p1=914, p2=1189, p3=0, p4=0, p5=817152, sr=100, sw=817047, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e8540720-Z--
--08308c64-A--
[01/Jul/2026:00:14:38.873159 +0000] akRb7Mkhe8sG@ksfkLdVfwAAAAw 34.86.212.119 55940 172.26.37.160 7081
--08308c64-B--
GET /wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 34.86.212.119
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=0
--08308c64-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/css/parts/wd-search-form.min.css
Content-Length: 0
Content-Type: text/css
--08308c64-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "203.134.193.134_a59f95a8015e4271637162cf42ba0fb688b4d94a"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "203.134.193.134_a59f95a8015e4271637162cf42ba0fb688b4d94a"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/wd-search-form.min.css"] [unique_id "akRb7Mkhe8sG@ksfkLdVfwAAAAw"]
Stopwatch: 1782864876809987 2063360 (- - -)
Stopwatch2: 1782864876809987 2063360; combined=3831653, p1=225, p2=53486, p3=21, p4=18, p5=1891046, sr=55, sw=1, l=0, gc=1886856
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--08308c64-Z--
--33335b0c-A--
[01/Jul/2026:00:14:38.873854 +0000] akRb7ckhe8sG@ksfkLdVqQAAABY 34.86.212.119 57172 172.26.37.160 7081
--33335b0c-B--
GET /wp-content/uploads/2024/09/TA76-gcs-VE-150x150.png HTTP/1.1
Host: eonhk.com
X-Real-IP: 34.86.212.119
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: i
--33335b0c-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/uploads/2024/09/TA76-gcs-VE-150x150.png
Content-Length: 0
Content-Type: image/png
--33335b0c-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "203.134.193.134_a59f95a8015e4271637162cf42ba0fb688b4d94a"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "203.134.193.134_a59f95a8015e4271637162cf42ba0fb688b4d94a"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/uploads/2024/09/TA76-gcs-VE-150x150.png"] [unique_id "akRb7ckhe8sG@ksfkLdVqQAAABY"]
Stopwatch: 1782864877711695 1162231 (- - -)
Stopwatch2: 1782864877711695 1162231; combined=2277218, p1=179, p2=915, p3=16, p4=15, p5=1138060, sr=49, sw=1, l=0, gc=1138032
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--33335b0c-Z--
--7cdaf658-A--
[01/Jul/2026:00:15:31.228360 +0000] akRcI8khe8sG@ksfkLdVywAAAAU 107.3.193.3 47976 172.26.37.160 7081
--7cdaf658-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7cdaf658-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7cdaf658-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRcI8khe8sG@ksfkLdVywAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782864931224839 3577 (- - -)
Stopwatch2: 1782864931224839 3577; combined=1969, p1=338, p2=1414, p3=0, p4=0, p5=152, sr=74, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7cdaf658-Z--
--7c66732a-A--
[01/Jul/2026:00:15:52.446308 +0000] akRcOMkhe8sG@ksfkLdV4gAAABU 107.3.193.3 35468 172.26.37.160 7081
--7c66732a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 699
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--7c66732a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7c66732a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRcOMkhe8sG@ksfkLdV4gAAABU"]
Action: Intercepted (phase 2)
Stopwatch: 1782864952442608 3767 (- - -)
Stopwatch2: 1782864952442608 3767; combined=1901, p1=316, p2=1387, p3=0, p4=0, p5=128, sr=75, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7c66732a-Z--
--115b3714-A--
[01/Jul/2026:00:16:22.941062 +0000] akRcVgPaZ@8YmqlgBoqmDwAAAIc 181.41.206.213 45744 172.26.37.160 7081
--115b3714-B--
GET /.env HTTP/1.1
Host: eonhk.com
X-Real-IP: 181.41.206.213
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
Accept-Encoding: gzip, deflate
Accept: */*
--115b3714-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--115b3714-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.env"] [unique_id "akRcVgPaZ@8YmqlgBoqmDwAAAIc"]
Action: Intercepted (phase 1)
Stopwatch: 1782864982940467 644 (- - -)
Stopwatch2: 1782864982940467 644; combined=228, p1=177, p2=0, p3=0, p4=0, p5=50, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--115b3714-Z--
--694d4747-A--
[01/Jul/2026:00:17:06.874607 +0000] akRcgofKP2fTo4DxoZk6hwAAAQM 107.3.193.3 39964 172.26.37.160 7081
--694d4747-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--694d4747-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--694d4747-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRcgofKP2fTo4DxoZk6hwAAAQM"]
Action: Intercepted (phase 2)
Stopwatch: 1782865026870067 4624 (- - -)
Stopwatch2: 1782865026870067 4624; combined=1761, p1=339, p2=1206, p3=0, p4=0, p5=141, sr=73, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--694d4747-Z--
--00ae7a32-A--
[01/Jul/2026:00:17:49.428435 +0000] akRcrQPaZ@8YmqlgBoqmMQAAAJg 107.3.193.3 46408 172.26.37.160 7081
--00ae7a32-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--00ae7a32-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--00ae7a32-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRcrQPaZ@8YmqlgBoqmMQAAAJg"]
Action: Intercepted (phase 2)
Stopwatch: 1782865069424027 4478 (- - -)
Stopwatch2: 1782865069424027 4478; combined=2815, p1=1064, p2=1501, p3=0, p4=0, p5=162, sr=79, sw=88, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--00ae7a32-Z--
--ebd00419-A--
[01/Jul/2026:00:18:10.654693 +0000] akRcwskhe8sG@ksfkLdWEgAAAA0 107.3.193.3 59124 172.26.37.160 7081
--ebd00419-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ebd00419-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ebd00419-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRcwskhe8sG@ksfkLdWEgAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782865090651248 3502 (- - -)
Stopwatch2: 1782865090651248 3502; combined=1718, p1=330, p2=1203, p3=0, p4=0, p5=125, sr=84, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ebd00419-Z--
--a09db730-A--
[01/Jul/2026:00:19:25.227068 +0000] akRdDckhe8sG@ksfkLdWIgAAAAM 107.3.193.3 43362 172.26.37.160 7081
--a09db730-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a09db730-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a09db730-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRdDckhe8sG@ksfkLdWIgAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782865165223928 3218 (- - -)
Stopwatch2: 1782865165223928 3218; combined=1487, p1=338, p2=970, p3=0, p4=0, p5=117, sr=76, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a09db730-Z--
--add8854f-A--
[01/Jul/2026:00:20:50.007995 +0000] akRdYgPaZ@8YmqlgBoqmpgAAAJg 107.3.193.3 40548 172.26.37.160 7081
--add8854f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--add8854f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--add8854f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRdYgPaZ@8YmqlgBoqmpgAAAJg"]
Action: Intercepted (phase 2)
Stopwatch: 1782865250004808 3247 (- - -)
Stopwatch2: 1782865250004808 3247; combined=1616, p1=355, p2=1075, p3=0, p4=0, p5=120, sr=77, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--add8854f-Z--
--e7a47649-A--
[01/Jul/2026:00:22:15.159442 +0000] akRdt4fKP2fTo4DxoZk6-AAAAQk 107.3.193.3 54662 172.26.37.160 7081
--e7a47649-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--e7a47649-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e7a47649-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRdt4fKP2fTo4DxoZk6-AAAAQk"]
Action: Intercepted (phase 2)
Stopwatch: 1782865335156690 2811 (- - -)
Stopwatch2: 1782865335156690 2811; combined=1448, p1=334, p2=935, p3=0, p4=0, p5=116, sr=95, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e7a47649-Z--
--5f74d57f-A--
[01/Jul/2026:00:23:29.525209 +0000] akReAQPaZ@8YmqlgBoqmwwAAAJE 107.3.193.3 46196 172.26.37.160 7081
--5f74d57f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5f74d57f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5f74d57f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akReAQPaZ@8YmqlgBoqmwwAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782865409522075 3189 (- - -)
Stopwatch2: 1782865409522075 3189; combined=1521, p1=334, p2=1020, p3=0, p4=0, p5=110, sr=71, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5f74d57f-Z--
--04822555-A--
[01/Jul/2026:00:23:50.771948 +0000] akReFgPaZ@8YmqlgBoqmxgAAAJc 107.3.193.3 54522 172.26.37.160 7081
--04822555-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--04822555-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--04822555-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akReFgPaZ@8YmqlgBoqmxgAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782865430768139 3866 (- - -)
Stopwatch2: 1782865430768139 3866; combined=2439, p1=345, p2=1894, p3=0, p4=0, p5=130, sr=90, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--04822555-Z--
--0c998c4d-A--
[01/Jul/2026:00:24:33.310991 +0000] akReQYfKP2fTo4DxoZk7DgAAARg 107.3.193.3 56098 172.26.37.160 7081
--0c998c4d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0c998c4d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0c998c4d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akReQYfKP2fTo4DxoZk7DgAAARg"]
Action: Intercepted (phase 2)
Stopwatch: 1782865473305755 5931 (- - -)
Stopwatch2: 1782865473305755 5931; combined=1512, p1=310, p2=997, p3=0, p4=0, p5=136, sr=69, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0c998c4d-Z--
--452f705f-A--
[01/Jul/2026:00:25:37.172966 +0000] akRegQPaZ@8YmqlgBoqm@AAAAJQ 107.3.193.3 48794 172.26.37.160 7081
--452f705f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--452f705f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--452f705f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRegQPaZ@8YmqlgBoqm@AAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782865537169386 3667 (- - -)
Stopwatch2: 1782865537169386 3667; combined=1568, p1=351, p2=1039, p3=0, p4=0, p5=115, sr=85, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--452f705f-Z--
--48dfda0f-A--
[01/Jul/2026:00:25:58.494669 +0000] akRelmQBjtrsWOLrCF4HhQAAAEE 107.3.193.3 42506 172.26.37.160 7081
--48dfda0f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--48dfda0f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--48dfda0f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRelmQBjtrsWOLrCF4HhQAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782865558492013 3338 (- - -)
Stopwatch2: 1782865558492013 3338; combined=1426, p1=310, p2=948, p3=0, p4=0, p5=109, sr=73, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--48dfda0f-Z--
--749df35f-A--
[01/Jul/2026:00:27:23.512270 +0000] akRe6wPaZ@8YmqlgBoqnDwAAAIA 107.3.193.3 42760 172.26.37.160 7081
--749df35f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--749df35f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--749df35f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRe6wPaZ@8YmqlgBoqnDwAAAIA"]
Action: Intercepted (phase 2)
Stopwatch: 1782865643509223 3103 (- - -)
Stopwatch2: 1782865643509223 3103; combined=1530, p1=334, p2=1014, p3=0, p4=0, p5=119, sr=74, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--749df35f-Z--
--f8fa4308-A--
[01/Jul/2026:00:28:27.329502 +0000] akRfK4fKP2fTo4DxoZk7PgAAAQQ 107.3.193.3 49954 172.26.37.160 7081
--f8fa4308-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f8fa4308-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f8fa4308-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRfK4fKP2fTo4DxoZk7PgAAAQQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782865707323850 5715 (- - -)
Stopwatch2: 1782865707323850 5715; combined=1839, p1=679, p2=948, p3=0, p4=0, p5=144, sr=70, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f8fa4308-Z--
--dc50da7c-A--
[01/Jul/2026:00:28:48.620285 +0000] akRfQGQBjtrsWOLrCF4HrAAAAFg 107.3.193.3 58556 172.26.37.160 7081
--dc50da7c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--dc50da7c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dc50da7c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRfQGQBjtrsWOLrCF4HrAAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782865728616912 3478 (- - -)
Stopwatch2: 1782865728616912 3478; combined=1575, p1=315, p2=1022, p3=0, p4=0, p5=156, sr=75, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dc50da7c-Z--
--0850b66f-A--
[01/Jul/2026:00:29:52.518102 +0000] akRfgAPaZ@8YmqlgBoqnRgAAAJI 107.3.193.3 38524 172.26.37.160 7081
--0850b66f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0850b66f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0850b66f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRfgAPaZ@8YmqlgBoqnRgAAAJI"]
Action: Intercepted (phase 2)
Stopwatch: 1782865792513423 7910 (- - -)
Stopwatch2: 1782865792513423 7910; combined=2960, p1=1783, p2=979, p3=0, p4=0, p5=132, sr=74, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0850b66f-Z--
--f943a649-A--
[01/Jul/2026:00:30:24.457550 +0000] akRfoAPaZ@8YmqlgBoqnUAAAAIU 107.3.193.3 53446 172.26.37.160 7081
--f943a649-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)
--f943a649-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f943a649-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRfoAPaZ@8YmqlgBoqnUAAAAIU"]
Action: Intercepted (phase 2)
Stopwatch: 1782865824453513 4096 (- - -)
Stopwatch2: 1782865824453513 4096; combined=1587, p1=325, p2=1054, p3=0, p4=0, p5=137, sr=70, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f943a649-Z--
--fd9eeb67-A--
[01/Jul/2026:00:30:35.108431 +0000] akRfq2QBjtrsWOLrCF4HzQAAAFE 107.3.193.3 50918 172.26.37.160 7081
--fd9eeb67-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--fd9eeb67-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fd9eeb67-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRfq2QBjtrsWOLrCF4HzQAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782865835105623 2865 (- - -)
Stopwatch2: 1782865835105623 2865; combined=1474, p1=317, p2=958, p3=0, p4=0, p5=133, sr=78, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fd9eeb67-Z--
--b373667f-A--
[01/Jul/2026:00:31:50.008417 +0000] akRf9gPaZ@8YmqlgBoqnbAAAAIg 107.3.193.3 43298 172.26.37.160 7081
--b373667f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b373667f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b373667f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRf9gPaZ@8YmqlgBoqnbAAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782865910005729 2747 (- - -)
Stopwatch2: 1782865910005729 2747; combined=1491, p1=340, p2=978, p3=0, p4=0, p5=112, sr=81, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b373667f-Z--
--42dab447-A--
[01/Jul/2026:00:32:01.348983 +0000] akRgAQPaZ@8YmqlgBoqncAAAAJA 107.3.193.3 58492 172.26.37.160 7081
--42dab447-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--42dab447-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--42dab447-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRgAQPaZ@8YmqlgBoqncAAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782865921344807 4235 (- - -)
Stopwatch2: 1782865921344807 4235; combined=1994, p1=348, p2=1461, p3=0, p4=0, p5=120, sr=74, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--42dab447-Z--
--5216fe73-A--
[01/Jul/2026:00:32:30.478491 +0000] akRgHgPaZ@8YmqlgBoqndwAAAJY 119.93.249.179 53916 172.26.37.160 7081
--5216fe73-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--5216fe73-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5216fe73-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRgHgPaZ@8YmqlgBoqndwAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782865950475140 3414 (- - -)
Stopwatch2: 1782865950475140 3414; combined=3020, p1=329, p2=989, p3=0, p4=0, p5=880, sr=73, sw=822, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5216fe73-Z--
--ac076415-A--
[01/Jul/2026:00:33:04.076876 +0000] akRgQAPaZ@8YmqlgBoqnkQAAAI0 107.3.193.3 45696 172.26.37.160 7081
--ac076415-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ac076415-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ac076415-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRgQAPaZ@8YmqlgBoqnkQAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782865984073707 3250 (- - -)
Stopwatch2: 1782865984073707 3250; combined=1941, p1=351, p2=1424, p3=0, p4=0, p5=109, sr=88, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ac076415-Z--
--bec5aa65-A--
[01/Jul/2026:00:33:25.313123 +0000] akRgVYfKP2fTo4DxoZk7dwAAARc 107.3.193.3 44912 172.26.37.160 7081
--bec5aa65-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--bec5aa65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bec5aa65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRgVYfKP2fTo4DxoZk7dwAAARc"]
Action: Intercepted (phase 2)
Stopwatch: 1782866005310516 2663 (- - -)
Stopwatch2: 1782866005310516 2663; combined=1465, p1=363, p2=937, p3=0, p4=0, p5=109, sr=81, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bec5aa65-Z--
--dba0033a-A--
[01/Jul/2026:00:33:57.238416 +0000] akRgdQPaZ@8YmqlgBoqnoAAAAIs 107.3.193.3 33770 172.26.37.160 7081
--dba0033a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 107.3.193.3
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)
--dba0033a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dba0033a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 107.3.193.3 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRgdQPaZ@8YmqlgBoqnoAAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782866037234775 3703 (- - -)
Stopwatch2: 1782866037234775 3703; combined=1620, p1=367, p2=1045, p3=0, p4=0, p5=142, sr=99, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dba0033a-Z--
--60602c64-A--
[01/Jul/2026:00:34:17.848232 +0000] akRgiQPaZ@8YmqlgBoqnpAAAAJA 119.93.249.179 54232 172.26.37.160 7081
--60602c64-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--60602c64-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--60602c64-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRgiQPaZ@8YmqlgBoqnpAAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782866057845071 3216 (- - -)
Stopwatch2: 1782866057845071 3216; combined=1468, p1=317, p2=973, p3=0, p4=0, p5=114, sr=72, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--60602c64-Z--
--dd537615-A--
[01/Jul/2026:00:35:29.265595 +0000] akRg0WQBjtrsWOLrCF4IEwAAAFg 172.71.95.74 46802 172.26.37.160 7081
--dd537615-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.71.95.74
X-Forwarded-For: 78.142.18.172
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW4xMTE=
accept: application/json
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a14154b919ecd579-AMS
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 78.142.18.172
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--dd537615-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dd537615-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRg0WQBjtrsWOLrCF4IEwAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782866129263287 2397 (- - -)
Stopwatch2: 1782866129263287 2397; combined=947, p1=294, p2=588, p3=0, p4=0, p5=65, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dd537615-Z--
--2023a035-A--
[01/Jul/2026:00:36:26.603942 +0000] akRhCmQBjtrsWOLrCF4IHgAAAFM 119.93.249.179 37472 172.26.37.160 7081
--2023a035-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--2023a035-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2023a035-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRhCmQBjtrsWOLrCF4IHgAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782866186601132 2890 (- - -)
Stopwatch2: 1782866186601132 2890; combined=1546, p1=331, p2=1053, p3=0, p4=0, p5=106, sr=73, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2023a035-Z--
--ad09c007-A--
[01/Jul/2026:00:36:37.440811 +0000] akRhFQPaZ@8YmqlgBoqn0gAAAII 119.93.249.179 38910 172.26.37.160 7081
--ad09c007-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 701
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--ad09c007-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ad09c007-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRhFQPaZ@8YmqlgBoqn0gAAAII"]
Action: Intercepted (phase 2)
Stopwatch: 1782866197437765 3113 (- - -)
Stopwatch2: 1782866197437765 3113; combined=1667, p1=319, p2=1180, p3=0, p4=0, p5=109, sr=78, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ad09c007-Z--
--cae93c16-A--
[01/Jul/2026:00:37:52.504698 +0000] akRhYAPaZ@8YmqlgBoqn@gAAAIg 119.93.249.179 46878 172.26.37.160 7081
--cae93c16-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--cae93c16-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cae93c16-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRhYAPaZ@8YmqlgBoqn@gAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782866272501593 3190 (- - -)
Stopwatch2: 1782866272501593 3190; combined=1693, p1=340, p2=1184, p3=0, p4=0, p5=109, sr=74, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cae93c16-Z--
--20dc115e-A--
[01/Jul/2026:00:38:14.130179 +0000] akRhdgPaZ@8YmqlgBoqoBAAAAJE 119.93.249.179 53498 172.26.37.160 7081
--20dc115e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--20dc115e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--20dc115e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRhdgPaZ@8YmqlgBoqoBAAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782866294126004 4249 (- - -)
Stopwatch2: 1782866294126004 4249; combined=1797, p1=342, p2=1212, p3=0, p4=0, p5=157, sr=75, sw=86, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--20dc115e-Z--
--3776c50f-A--
[01/Jul/2026:00:39:20.270913 +0000] akRhuAPaZ@8YmqlgBoqoGwAAAIc 119.93.249.179 53352 172.26.37.160 7081
--3776c50f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--3776c50f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3776c50f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRhuAPaZ@8YmqlgBoqoGwAAAIc"]
Action: Intercepted (phase 2)
Stopwatch: 1782866360267374 3606 (- - -)
Stopwatch2: 1782866360267374 3606; combined=2476, p1=346, p2=1952, p3=0, p4=0, p5=118, sr=77, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3776c50f-Z--
--c3082a16-A--
[01/Jul/2026:00:40:13.014096 +0000] akRh7WQBjtrsWOLrCF4IYwAAAEo 172.68.242.121 34878 172.26.37.160 7081
--c3082a16-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1415ba94aa081b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c3082a16-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c3082a16-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRh7WQBjtrsWOLrCF4IYwAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782866413010990 3211 (- - -)
Stopwatch2: 1782866413010990 3211; combined=1970, p1=717, p2=1083, p3=0, p4=0, p5=111, sr=90, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c3082a16-Z--
--28e3bf47-A--
[01/Jul/2026:00:40:37.187728 +0000] akRiBYfKP2fTo4DxoZk7uQAAARU 119.93.249.179 53050 172.26.37.160 7081
--28e3bf47-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--28e3bf47-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--28e3bf47-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRiBYfKP2fTo4DxoZk7uQAAARU"]
Action: Intercepted (phase 2)
Stopwatch: 1782866437184675 3112 (- - -)
Stopwatch2: 1782866437184675 3112; combined=1693, p1=384, p2=1139, p3=0, p4=0, p5=109, sr=131, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--28e3bf47-Z--
--2224b020-A--
[01/Jul/2026:00:40:48.238003 +0000] akRiEAPaZ@8YmqlgBoqoMAAAAIs 119.93.249.179 44412 172.26.37.160 7081
--2224b020-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--2224b020-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2224b020-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRiEAPaZ@8YmqlgBoqoMAAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782866448235002 3091 (- - -)
Stopwatch2: 1782866448235002 3091; combined=1985, p1=843, p2=979, p3=0, p4=0, p5=107, sr=599, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2224b020-Z--
--ea8a8d26-A--
[01/Jul/2026:00:41:26.408667 +0000] akRiNgPaZ@8YmqlgBoqoPQAAAIs 172.68.242.121 55876 172.26.37.160 7081
--ea8a8d26-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1415d73f96081b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ea8a8d26-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ea8a8d26-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRiNgPaZ@8YmqlgBoqoPQAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782866486404922 3845 (- - -)
Stopwatch2: 1782866486404922 3845; combined=1863, p1=350, p2=1353, p3=0, p4=0, p5=104, sr=81, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ea8a8d26-Z--
--42300a41-A--
[01/Jul/2026:00:42:08.454267 +0000] akRiYAPaZ@8YmqlgBoqoRwAAAJY 172.68.242.121 57474 172.26.37.160 7081
--42300a41-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1415e7acc2881b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--42300a41-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--42300a41-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRiYAPaZ@8YmqlgBoqoRwAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782866528450979 3368 (- - -)
Stopwatch2: 1782866528450979 3368; combined=1964, p1=659, p2=1121, p3=0, p4=0, p5=121, sr=74, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--42300a41-Z--
--e6f0ef4f-A--
[01/Jul/2026:00:42:26.247273 +0000] akRicmQBjtrsWOLrCF4IhAAAAEc 119.93.249.179 39324 172.26.37.160 7081
--e6f0ef4f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--e6f0ef4f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e6f0ef4f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRicmQBjtrsWOLrCF4IhAAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782866546243976 3365 (- - -)
Stopwatch2: 1782866546243976 3365; combined=2099, p1=317, p2=1588, p3=0, p4=0, p5=126, sr=74, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e6f0ef4f-Z--
--b3126500-A--
[01/Jul/2026:00:42:58.497711 +0000] akRikgPaZ@8YmqlgBoqoWwAAAIM 119.93.249.179 41862 172.26.37.160 7081
--b3126500-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--b3126500-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b3126500-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRikgPaZ@8YmqlgBoqoWwAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782866578493883 3892 (- - -)
Stopwatch2: 1782866578493883 3892; combined=1956, p1=403, p2=1340, p3=0, p4=0, p5=144, sr=127, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b3126500-Z--
--944f3363-A--
[01/Jul/2026:00:43:00.921006 +0000] akRilIfKP2fTo4DxoZk75QAAAQQ 172.68.242.121 41932 172.26.37.160 7081
--944f3363-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1415fc2a85d81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--944f3363-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--944f3363-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRilIfKP2fTo4DxoZk75QAAAQQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782866580917729 3369 (- - -)
Stopwatch2: 1782866580917729 3369; combined=1806, p1=331, p2=1312, p3=0, p4=0, p5=107, sr=90, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--944f3363-Z--
--8555fd04-A--
[01/Jul/2026:00:43:42.844069 +0000] akRivgPaZ@8YmqlgBoqocAAAAIs 172.68.242.121 58374 172.26.37.160 7081
--8555fd04-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14160c8bd7481b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8555fd04-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8555fd04-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRivgPaZ@8YmqlgBoqocAAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782866622840682 3476 (- - -)
Stopwatch2: 1782866622840682 3476; combined=2148, p1=320, p2=1662, p3=0, p4=0, p5=110, sr=84, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8555fd04-Z--
--33aac602-A--
[01/Jul/2026:00:44:02.922257 +0000] akRi0mQBjtrsWOLrCF4IoAAAAFI 119.93.249.179 52780 172.26.37.160 7081
--33aac602-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--33aac602-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--33aac602-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRi0mQBjtrsWOLrCF4IoAAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782866642918730 3592 (- - -)
Stopwatch2: 1782866642918730 3592; combined=2389, p1=341, p2=1847, p3=0, p4=0, p5=134, sr=80, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--33aac602-Z--
--84ab4a6d-A--
[01/Jul/2026:00:44:14.280028 +0000] akRi3gPaZ@8YmqlgBoqoewAAAIg 172.68.242.121 47598 172.26.37.160 7081
--84ab4a6d-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141618d29af81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--84ab4a6d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--84ab4a6d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRi3gPaZ@8YmqlgBoqoewAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782866654275575 7786 (- - -)
Stopwatch2: 1782866654275575 7786; combined=1955, p1=324, p2=1461, p3=0, p4=0, p5=115, sr=79, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--84ab4a6d-Z--
--d9ccac54-A--
[01/Jul/2026:00:44:34.854377 +0000] akRi8mQBjtrsWOLrCF4IowAAAEM 119.93.249.179 50366 172.26.37.160 7081
--d9ccac54-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--d9ccac54-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d9ccac54-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRi8mQBjtrsWOLrCF4IowAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782866674851716 2723 (- - -)
Stopwatch2: 1782866674851716 2723; combined=1464, p1=325, p2=967, p3=0, p4=0, p5=112, sr=76, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d9ccac54-Z--
--0831fc62-A--
[01/Jul/2026:00:45:07.058182 +0000] akRjE4fKP2fTo4DxoZk8AwAAARU 119.93.249.179 47284 172.26.37.160 7081
--0831fc62-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--0831fc62-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0831fc62-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRjE4fKP2fTo4DxoZk8AwAAARU"]
Action: Intercepted (phase 2)
Stopwatch: 1782866707055083 3155 (- - -)
Stopwatch2: 1782866707055083 3155; combined=1958, p1=769, p2=997, p3=0, p4=0, p5=128, sr=90, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0831fc62-Z--
--4c59ca05-A--
[01/Jul/2026:00:45:38.166907 +0000] akRjMmQBjtrsWOLrCF4IvQAAAFE 172.68.242.121 39040 172.26.37.160 7081
--4c59ca05-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14163997aaf81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4c59ca05-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4c59ca05-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRjMmQBjtrsWOLrCF4IvQAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782866738163678 3326 (- - -)
Stopwatch2: 1782866738163678 3326; combined=1610, p1=356, p2=1051, p3=0, p4=0, p5=145, sr=87, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4c59ca05-Z--
--3bc5f065-A--
[01/Jul/2026:00:45:39.173167 +0000] akRjM2QBjtrsWOLrCF4IvgAAAEA 119.93.249.179 39042 172.26.37.160 7081
--3bc5f065-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--3bc5f065-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3bc5f065-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRjM2QBjtrsWOLrCF4IvgAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782866739170559 2666 (- - -)
Stopwatch2: 1782866739170559 2666; combined=1442, p1=346, p2=931, p3=0, p4=0, p5=109, sr=99, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3bc5f065-Z--
--020ca518-A--
[01/Jul/2026:00:46:22.081273 +0000] akRjXofKP2fTo4DxoZk8EgAAAQE 119.93.249.179 40186 172.26.37.160 7081
--020ca518-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--020ca518-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--020ca518-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRjXofKP2fTo4DxoZk8EgAAAQE"]
Action: Intercepted (phase 2)
Stopwatch: 1782866782078629 2703 (- - -)
Stopwatch2: 1782866782078629 2703; combined=1510, p1=382, p2=949, p3=0, p4=0, p5=119, sr=90, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--020ca518-Z--
--bf720541-A--
[01/Jul/2026:00:46:41.176390 +0000] akRjcQPaZ@8YmqlgBoqotQAAAIo 172.68.242.121 43194 172.26.37.160 7081
--bf720541-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141652348b581b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--bf720541-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bf720541-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRjcQPaZ@8YmqlgBoqotQAAAIo"]
Action: Intercepted (phase 2)
Stopwatch: 1782866801172807 3681 (- - -)
Stopwatch2: 1782866801172807 3681; combined=1692, p1=366, p2=1155, p3=0, p4=0, p5=112, sr=73, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bf720541-Z--
--8c3baa00-A--
[01/Jul/2026:00:47:04.933201 +0000] akRjiGQBjtrsWOLrCF4I1QAAAFY 119.93.249.179 41734 172.26.37.160 7081
--8c3baa00-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--8c3baa00-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8c3baa00-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRjiGQBjtrsWOLrCF4I1QAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782866824930643 2615 (- - -)
Stopwatch2: 1782866824930643 2615; combined=1495, p1=364, p2=962, p3=0, p4=0, p5=110, sr=78, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8c3baa00-Z--
--8c29ae17-A--
[01/Jul/2026:00:47:23.153240 +0000] akRjm2QBjtrsWOLrCF4I3gAAAFM 172.68.242.121 45758 172.26.37.160 7081
--8c29ae17-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14166299bdb81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8c29ae17-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8c29ae17-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRjm2QBjtrsWOLrCF4I3gAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782866843148838 5931 (- - -)
Stopwatch2: 1782866843148838 5931; combined=1697, p1=378, p2=1116, p3=0, p4=0, p5=134, sr=102, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8c29ae17-Z--
--ef64a055-A--
[01/Jul/2026:00:47:44.117232 +0000] akRjsAPaZ@8YmqlgBoqoxAAAAII 172.68.242.121 50720 172.26.37.160 7081
--ef64a055-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14166acac6481b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ef64a055-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ef64a055-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRjsAPaZ@8YmqlgBoqoxAAAAII"]
Action: Intercepted (phase 2)
Stopwatch: 1782866864113059 4263 (- - -)
Stopwatch2: 1782866864113059 4263; combined=2969, p1=348, p2=2159, p3=0, p4=0, p5=268, sr=81, sw=194, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ef64a055-Z--
--210d537a-A--
[01/Jul/2026:00:48:30.815297 +0000] akRj3gPaZ@8YmqlgBoqo2gAAAI4 119.93.249.179 34910 172.26.37.160 7081
--210d537a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--210d537a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--210d537a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRj3gPaZ@8YmqlgBoqo2gAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782866910812230 3139 (- - -)
Stopwatch2: 1782866910812230 3139; combined=1898, p1=308, p2=1398, p3=0, p4=0, p5=128, sr=74, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--210d537a-Z--
--d3635e1e-A--
[01/Jul/2026:00:48:46.736898 +0000] akRj7mQBjtrsWOLrCF4JEAAAAEs 136.158.116.144 51294 172.26.37.160 7081
--d3635e1e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d3635e1e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d3635e1e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRj7mQBjtrsWOLrCF4JEAAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782866926732233 4743 (- - -)
Stopwatch2: 1782866926732233 4743; combined=4600, p1=573, p2=956, p3=0, p4=0, p5=1563, sr=278, sw=1508, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d3635e1e-Z--
--95a92657-A--
[01/Jul/2026:00:48:47.018620 +0000] akRj7wPaZ@8YmqlgBoqo5wAAAJA 172.68.242.121 51298 172.26.37.160 7081
--95a92657-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1416835c81181b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--95a92657-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--95a92657-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRj7wPaZ@8YmqlgBoqo5wAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782866927015106 3592 (- - -)
Stopwatch2: 1782866927015106 3592; combined=1591, p1=317, p2=1112, p3=0, p4=0, p5=107, sr=81, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--95a92657-Z--
--b5392c24-A--
[01/Jul/2026:00:48:57.556512 +0000] akRj@QPaZ@8YmqlgBoqo6gAAAIY 172.68.242.121 59562 172.26.37.160 7081
--b5392c24-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1416877aaa981b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b5392c24-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b5392c24-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRj@QPaZ@8YmqlgBoqo6gAAAIY"]
Action: Intercepted (phase 2)
Stopwatch: 1782866937553065 3549 (- - -)
Stopwatch2: 1782866937553065 3549; combined=2336, p1=331, p2=1833, p3=0, p4=0, p5=111, sr=83, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b5392c24-Z--
--1e87081e-A--
[01/Jul/2026:00:49:03.020676 +0000] akRj-4fKP2fTo4DxoZk8PAAAAQg 119.93.249.179 59592 172.26.37.160 7081
--1e87081e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--1e87081e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1e87081e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRj-4fKP2fTo4DxoZk8PAAAAQg"]
Action: Intercepted (phase 2)
Stopwatch: 1782866943016267 4473 (- - -)
Stopwatch2: 1782866943016267 4473; combined=2137, p1=483, p2=1462, p3=0, p4=0, p5=126, sr=82, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1e87081e-Z--
--6e092215-A--
[01/Jul/2026:00:49:39.493963 +0000] akRkI4fKP2fTo4DxoZk8RAAAAQk 136.158.116.144 46010 172.26.37.160 7081
--6e092215-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--6e092215-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6e092215-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRkI4fKP2fTo4DxoZk8RAAAAQk"]
Action: Intercepted (phase 2)
Stopwatch: 1782866979489709 6517 (- - -)
Stopwatch2: 1782866979489709 6517; combined=1458, p1=305, p2=945, p3=0, p4=0, p5=144, sr=68, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6e092215-Z--
--e366b63e-A--
[01/Jul/2026:00:49:45.877455 +0000] akRkKQPaZ@8YmqlgBoqo@gAAAJU 119.93.249.179 41048 172.26.37.160 7081
--e366b63e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--e366b63e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e366b63e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRkKQPaZ@8YmqlgBoqo@gAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782866985874473 3047 (- - -)
Stopwatch2: 1782866985874473 3047; combined=1912, p1=723, p2=984, p3=0, p4=0, p5=132, sr=76, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e366b63e-Z--
--3d278379-A--
[01/Jul/2026:00:50:00.508612 +0000] akRkOIfKP2fTo4DxoZk8SQAAAQg 172.68.242.121 41450 172.26.37.160 7081
--3d278379-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1416a01180881b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3d278379-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3d278379-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRkOIfKP2fTo4DxoZk8SQAAAQg"]
Action: Intercepted (phase 2)
Stopwatch: 1782867000504591 4272 (- - -)
Stopwatch2: 1782867000504591 4272; combined=2717, p1=366, p2=2171, p3=0, p4=0, p5=116, sr=76, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3d278379-Z--
--2f49b21a-A--
[01/Jul/2026:00:51:14.940406 +0000] akRkgofKP2fTo4DxoZk8UQAAAQc 136.158.116.144 47852 172.26.37.160 7081
--2f49b21a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2f49b21a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2f49b21a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRkgofKP2fTo4DxoZk8UQAAAQc"]
Action: Intercepted (phase 2)
Stopwatch: 1782867074936779 3682 (- - -)
Stopwatch2: 1782867074936779 3682; combined=2440, p1=389, p2=1878, p3=0, p4=0, p5=113, sr=85, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2f49b21a-Z--
--1c7aab2d-A--
[01/Jul/2026:00:51:24.409785 +0000] akRkjAPaZ@8YmqlgBoqpHgAAAI0 172.68.242.121 46868 172.26.37.160 7081
--1c7aab2d-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1416c0d79dd81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1c7aab2d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1c7aab2d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRkjAPaZ@8YmqlgBoqpHgAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782867084405282 7293 (- - -)
Stopwatch2: 1782867084405282 7293; combined=2393, p1=335, p2=1889, p3=0, p4=0, p5=111, sr=71, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1c7aab2d-Z--
--5a557b32-A--
[01/Jul/2026:00:51:37.746118 +0000] akRkmYfKP2fTo4DxoZk8UgAAARM 136.158.116.144 34788 172.26.37.160 7081
--5a557b32-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5a557b32-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5a557b32-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRkmYfKP2fTo4DxoZk8UgAAARM"]
Action: Intercepted (phase 2)
Stopwatch: 1782867097742967 3205 (- - -)
Stopwatch2: 1782867097742967 3205; combined=1504, p1=324, p2=998, p3=0, p4=0, p5=116, sr=77, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5a557b32-Z--
--788b9d0b-A--
[01/Jul/2026:00:51:55.780259 +0000] akRkqwPaZ@8YmqlgBoqpKAAAAIM 119.93.249.179 56682 172.26.37.160 7081
--788b9d0b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--788b9d0b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--788b9d0b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRkqwPaZ@8YmqlgBoqpKAAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782867115777304 3011 (- - -)
Stopwatch2: 1782867115777304 3011; combined=1567, p1=339, p2=1042, p3=0, p4=0, p5=122, sr=74, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--788b9d0b-Z--
--b1d1931c-A--
[01/Jul/2026:00:52:18.451878 +0000] akRkwofKP2fTo4DxoZk8WwAAARI 136.158.116.144 36390 172.26.37.160 7081
--b1d1931c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b1d1931c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b1d1931c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRkwofKP2fTo4DxoZk8WwAAARI"]
Action: Intercepted (phase 2)
Stopwatch: 1782867138446701 5235 (- - -)
Stopwatch2: 1782867138446701 5235; combined=1590, p1=371, p2=1023, p3=0, p4=0, p5=133, sr=91, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b1d1931c-Z--
--3e146109-A--
[01/Jul/2026:00:52:27.392640 +0000] akRkywPaZ@8YmqlgBoqpNQAAAIM 172.68.242.121 58320 172.26.37.160 7081
--3e146109-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1416d971f2b81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3e146109-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3e146109-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (4+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (4+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRkywPaZ@8YmqlgBoqpNQAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782867147389274 3451 (- - -)
Stopwatch2: 1782867147389274 3451; combined=1516, p1=324, p2=1034, p3=0, p4=0, p5=104, sr=77, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3e146109-Z--
--b4e4bf42-A--
[01/Jul/2026:00:52:43.983001 +0000] akRk2wPaZ@8YmqlgBoqpOgAAAIw 136.158.116.144 56952 172.26.37.160 7081
--b4e4bf42-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b4e4bf42-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b4e4bf42-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRk2wPaZ@8YmqlgBoqpOgAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782867163979082 3982 (- - -)
Stopwatch2: 1782867163979082 3982; combined=1937, p1=318, p2=1402, p3=0, p4=0, p5=154, sr=77, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b4e4bf42-Z--
--d903e543-A--
[01/Jul/2026:00:52:56.337179 +0000] akRk6GQBjtrsWOLrCF4JTAAAAFE 34.26.185.214 32932 172.26.37.160 7080
--d903e543-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 34.26.185.214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)
Accept-Encoding: gzip
--d903e543-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--d903e543-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akRk6GQBjtrsWOLrCF4JTAAAAFE"]
Action: Intercepted (phase 1)
Stopwatch: 1782867176336701 514 (- - -)
Stopwatch2: 1782867176336701 514; combined=245, p1=177, p2=0, p3=0, p4=0, p5=67, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d903e543-Z--
--9c961059-A--
[01/Jul/2026:00:52:58.827968 +0000] akRk6ofKP2fTo4DxoZk8XwAAARg 172.68.242.121 38292 172.26.37.160 7081
--9c961059-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1416e5b9ea881b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9c961059-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9c961059-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRk6ofKP2fTo4DxoZk8XwAAARg"]
Action: Intercepted (phase 2)
Stopwatch: 1782867178825011 3043 (- - -)
Stopwatch2: 1782867178825011 3043; combined=1838, p1=325, p2=1348, p3=0, p4=0, p5=106, sr=72, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9c961059-Z--
--938fbf00-A--
[01/Jul/2026:00:53:00.182303 +0000] akRk7IfKP2fTo4DxoZk8YAAAAQE 119.93.249.179 38302 172.26.37.160 7081
--938fbf00-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: WordPress.com; https://wordpress.com
--938fbf00-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--938fbf00-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRk7IfKP2fTo4DxoZk8YAAAAQE"]
Action: Intercepted (phase 2)
Stopwatch: 1782867180178762 3605 (- - -)
Stopwatch2: 1782867180178762 3605; combined=1526, p1=350, p2=990, p3=0, p4=0, p5=124, sr=85, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--938fbf00-Z--
--a8b7415f-A--
[01/Jul/2026:00:53:40.731961 +0000] akRlFGQBjtrsWOLrCF4JUQAAAEY 172.68.242.121 46182 172.26.37.160 7081
--a8b7415f-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1416f617ae081b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a8b7415f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a8b7415f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRlFGQBjtrsWOLrCF4JUQAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782867220728880 3166 (- - -)
Stopwatch2: 1782867220728880 3166; combined=1545, p1=312, p2=1067, p3=0, p4=0, p5=109, sr=72, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a8b7415f-Z--
--cc7bff31-A--
[01/Jul/2026:00:53:53.898759 +0000] akRlIQPaZ@8YmqlgBoqpUQAAAJM 119.93.249.179 39416 172.26.37.160 7081
--cc7bff31-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 119.93.249.179
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-PH
User-Agent: Jetpack by WordPress.com
--cc7bff31-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cc7bff31-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 119.93.249.179 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akRlIQPaZ@8YmqlgBoqpUQAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782867233895157 3683 (- - -)
Stopwatch2: 1782867233895157 3683; combined=2486, p1=367, p2=1920, p3=0, p4=0, p5=135, sr=100, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cc7bff31-Z--
--7d4d380d-A--
[01/Jul/2026:00:54:43.606565 +0000] akRlUwPaZ@8YmqlgBoqpXgAAAJM 172.68.242.121 38036 172.26.37.160 7081
--7d4d380d-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14170ea796181b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7d4d380d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7d4d380d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRlUwPaZ@8YmqlgBoqpXgAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782867283603203 3443 (- - -)
Stopwatch2: 1782867283603203 3443; combined=2048, p1=795, p2=1074, p3=0, p4=0, p5=118, sr=533, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7d4d380d-Z--
--90aa5275-A--
[01/Jul/2026:00:54:54.077221 +0000] akRlXgPaZ@8YmqlgBoqpYQAAAJI 172.68.242.121 49902 172.26.37.160 7081
--90aa5275-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141712bebb081b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--90aa5275-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--90aa5275-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRlXgPaZ@8YmqlgBoqpYQAAAJI"]
Action: Intercepted (phase 2)
Stopwatch: 1782867294073974 3335 (- - -)
Stopwatch2: 1782867294073974 3335; combined=1847, p1=611, p2=1043, p3=0, p4=0, p5=130, sr=78, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--90aa5275-Z--
--8b75a076-A--
[01/Jul/2026:00:55:56.935689 +0000] akRlnGQBjtrsWOLrCF4JagAAAEs 172.68.242.121 58474 172.26.37.160 7081
--8b75a076-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14172b4cef881b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8b75a076-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8b75a076-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRlnGQBjtrsWOLrCF4JagAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782867356932198 3571 (- - -)
Stopwatch2: 1782867356932198 3571; combined=1564, p1=321, p2=1049, p3=0, p4=0, p5=131, sr=77, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8b75a076-Z--
--80962c37-A--
[01/Jul/2026:00:56:59.855440 +0000] akRl2wPaZ@8YmqlgBoqpewAAAJY 172.68.242.121 48752 172.26.37.160 7081
--80962c37-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141743e0d8281b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--80962c37-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--80962c37-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRl2wPaZ@8YmqlgBoqpewAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782867419852154 3377 (- - -)
Stopwatch2: 1782867419852154 3377; combined=1985, p1=364, p2=1438, p3=0, p4=0, p5=124, sr=103, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--80962c37-Z--
--c2544172-A--
[01/Jul/2026:00:57:10.402276 +0000] akRl5ofKP2fTo4DxoZk8gQAAARc 172.68.242.121 51640 172.26.37.160 7081
--c2544172-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141747fef3081b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c2544172-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c2544172-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRl5ofKP2fTo4DxoZk8gQAAARc"]
Action: Intercepted (phase 2)
Stopwatch: 1782867430398611 3762 (- - -)
Stopwatch2: 1782867430398611 3762; combined=2323, p1=397, p2=1738, p3=0, p4=0, p5=125, sr=99, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c2544172-Z--
--dceba37c-A--
[01/Jul/2026:00:57:57.074269 +0000] akRmFQPaZ@8YmqlgBoqphAAAAIM 78.142.18.172 47854 172.26.37.160 7081
--dceba37c-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 78.142.18.172
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW4xMTE=
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--dceba37c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dceba37c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRmFQPaZ@8YmqlgBoqphAAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782867477071747 2606 (- - -)
Stopwatch2: 1782867477071747 2606; combined=1090, p1=522, p2=510, p3=0, p4=0, p5=58, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dceba37c-Z--
--f7347513-A--
[01/Jul/2026:00:58:13.318919 +0000] akRmJWQBjtrsWOLrCF4JfQAAAEc 172.68.242.121 60110 172.26.37.160 7081
--f7347513-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14176091e6481b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f7347513-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f7347513-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRmJWQBjtrsWOLrCF4JfQAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782867493315819 3180 (- - -)
Stopwatch2: 1782867493315819 3180; combined=1628, p1=331, p2=1044, p3=0, p4=0, p5=158, sr=74, sw=95, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f7347513-Z--
--e8ad830f-A--
[01/Jul/2026:00:58:44.744569 +0000] akRmRAPaZ@8YmqlgBoqpkwAAAJM 172.68.242.121 47536 172.26.37.160 7081
--e8ad830f-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14176cd9c7681b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e8ad830f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e8ad830f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRmRAPaZ@8YmqlgBoqpkwAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782867524740954 3722 (- - -)
Stopwatch2: 1782867524740954 3722; combined=1643, p1=351, p2=1074, p3=0, p4=0, p5=144, sr=73, sw=74, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e8ad830f-Z--
--67733b35-A--
[01/Jul/2026:00:59:10.897124 +0000] akRmXgPaZ@8YmqlgBoqpmAAAAJc 136.158.116.144 40712 172.26.37.160 7081
--67733b35-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--67733b35-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--67733b35-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRmXgPaZ@8YmqlgBoqpmAAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782867550893782 3423 (- - -)
Stopwatch2: 1782867550893782 3423; combined=1541, p1=353, p2=981, p3=0, p4=0, p5=139, sr=101, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--67733b35-Z--
--77624264-A--
[01/Jul/2026:00:59:58.845102 +0000] akRmjmQBjtrsWOLrCF4JkAAAAEg 162.0.226.2 44946 172.26.37.160 7081
--77624264-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: contintechind.com
X-Real-IP: 162.0.226.2
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic dmluY2ktYWRtaW46dmluY2ktYWRtaW4xMTE=
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0
--77624264-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--77624264-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRmjmQBjtrsWOLrCF4JkAAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782867598840860 5137 (- - -)
Stopwatch2: 1782867598840860 5137; combined=859, p1=305, p2=497, p3=0, p4=0, p5=56, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--77624264-Z--
--ea8f1739-A--
[01/Jul/2026:01:00:08.702869 +0000] akRmmGQBjtrsWOLrCF4JkwAAAFU 172.68.242.121 52428 172.26.37.160 7081
--ea8f1739-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14178da5ffa81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ea8f1739-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ea8f1739-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRmmGQBjtrsWOLrCF4JkwAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782867608699226 3961 (- - -)
Stopwatch2: 1782867608699226 3961; combined=2336, p1=306, p2=1834, p3=0, p4=0, p5=130, sr=73, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ea8f1739-Z--
--9b1c7b56-A--
[01/Jul/2026:01:00:22.087074 +0000] akRmpmQBjtrsWOLrCF4JlQAAAEw 136.158.116.144 58748 172.26.37.160 7081
--9b1c7b56-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9b1c7b56-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9b1c7b56-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRmpmQBjtrsWOLrCF4JlQAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782867622083453 3682 (- - -)
Stopwatch2: 1782867622083453 3682; combined=2455, p1=341, p2=1937, p3=0, p4=0, p5=116, sr=82, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9b1c7b56-Z--
--afac8c31-A--
[01/Jul/2026:01:00:50.600183 +0000] akRmwgPaZ@8YmqlgBoqpvQAAAI8 172.68.242.121 34362 172.26.37.160 7081
--afac8c31-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14179e02d7c81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--afac8c31-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--afac8c31-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRmwgPaZ@8YmqlgBoqpvQAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782867650597187 3076 (- - -)
Stopwatch2: 1782867650597187 3076; combined=1740, p1=489, p2=1077, p3=0, p4=0, p5=114, sr=73, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--afac8c31-Z--
--94611a10-A--
[01/Jul/2026:01:01:31.057221 +0000] akRm64fKP2fTo4DxoZk8nAAAARc 117.0.21.154 35268 172.26.37.160 7081
--94611a10-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: avmhk.com
X-Real-IP: 117.0.21.154
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW5AYWRtaW4=
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0
--94611a10-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--94611a10-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRm64fKP2fTo4DxoZk8nAAAARc"]
Action: Intercepted (phase 2)
Stopwatch: 1782867691054353 2941 (- - -)
Stopwatch2: 1782867691054353 2941; combined=1491, p1=940, p2=478, p3=0, p4=0, p5=72, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--94611a10-Z--
--954a0637-A--
[01/Jul/2026:01:01:53.575225 +0000] akRnAWQBjtrsWOLrCF4JsgAAAFA 172.68.242.121 34614 172.26.37.160 7081
--954a0637-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1417b69cdbd81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--954a0637-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--954a0637-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRnAWQBjtrsWOLrCF4JsgAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782867713571944 3360 (- - -)
Stopwatch2: 1782867713571944 3360; combined=1563, p1=340, p2=1038, p3=0, p4=0, p5=125, sr=83, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--954a0637-Z--
--88136434-A--
[01/Jul/2026:01:02:04.105523 +0000] akRnDAPaZ@8YmqlgBoqpxQAAAJE 172.68.242.121 51590 172.26.37.160 7081
--88136434-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1417bab980e81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--88136434-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--88136434-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRnDAPaZ@8YmqlgBoqpxQAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782867724101545 4800 (- - -)
Stopwatch2: 1782867724101545 4800; combined=2585, p1=344, p2=2042, p3=0, p4=0, p5=133, sr=73, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--88136434-Z--
--9dba942e-A--
[01/Jul/2026:01:03:06.953870 +0000] akRnSgPaZ@8YmqlgBoqp1gAAAJY 172.68.242.121 43570 172.26.37.160 7081
--9dba942e-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1417d34582981b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9dba942e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9dba942e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRnSgPaZ@8YmqlgBoqp1gAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782867786950142 3816 (- - -)
Stopwatch2: 1782867786950142 3816; combined=1627, p1=373, p2=1055, p3=0, p4=0, p5=130, sr=78, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9dba942e-Z--
--c98fed05-A--
[01/Jul/2026:01:03:17.431170 +0000] akRnVWQBjtrsWOLrCF4JvwAAAEQ 172.68.242.121 42744 172.26.37.160 7081
--c98fed05-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.121
X-Forwarded-For: 2001:448a:7021:1658:7161:297d:40e:cadd
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1417d75d80b81b4-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2001:448a:7021:1658:7161:297d:40e:cadd
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c98fed05-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c98fed05-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.68.242.121 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akRnVWQBjtrsWOLrCF4JvwAAAEQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782867797428217 3583 (- - -)
Stopwatch2: 1782867797428217 3583; combined=1572, p1=325, p2=1056, p3=0, p4=0, p5=127, sr=79, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c98fed05-Z--
--882fd729-A--
[01/Jul/2026:01:04:07.933301 +0000] akRnhwPaZ@8YmqlgBoqp4wAAAIw 136.158.116.144 54256 172.26.37.160 7081
--882fd729-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--882fd729-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--882fd729-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRnhwPaZ@8YmqlgBoqp4wAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782867847930215 3148 (- - -)
Stopwatch2: 1782867847930215 3148; combined=1908, p1=371, p2=1373, p3=0, p4=0, p5=107, sr=86, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--882fd729-Z--
--7f1aa423-A--
[01/Jul/2026:01:05:12.423288 +0000] akRnyAPaZ@8YmqlgBoqp8wAAAI4 136.158.116.144 38862 172.26.37.160 7081
--7f1aa423-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--7f1aa423-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7f1aa423-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRnyAPaZ@8YmqlgBoqp8wAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782867912420253 3096 (- - -)
Stopwatch2: 1782867912420253 3096; combined=1692, p1=323, p2=1157, p3=0, p4=0, p5=139, sr=72, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7f1aa423-Z--
--bdc96f1b-A--
[01/Jul/2026:01:06:46.934592 +0000] akRoJofKP2fTo4DxoZk8xwAAARA 136.158.116.144 40232 172.26.37.160 7081
--bdc96f1b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--bdc96f1b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bdc96f1b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRoJofKP2fTo4DxoZk8xwAAARA"]
Action: Intercepted (phase 2)
Stopwatch: 1782868006931178 3835 (- - -)
Stopwatch2: 1782868006931178 3835; combined=1550, p1=318, p2=1015, p3=0, p4=0, p5=142, sr=74, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bdc96f1b-Z--
--13fe4c4b-A--
[01/Jul/2026:01:07:29.329288 +0000] akRoUWQBjtrsWOLrCF4KJgAAAEY 136.158.116.144 47620 172.26.37.160 7081
--13fe4c4b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--13fe4c4b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--13fe4c4b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRoUWQBjtrsWOLrCF4KJgAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782868049325716 3674 (- - -)
Stopwatch2: 1782868049325716 3674; combined=2540, p1=313, p2=943, p3=0, p4=0, p5=667, sr=73, sw=617, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--13fe4c4b-Z--
--cf3b3a0a-A--
[01/Jul/2026:01:09:37.974503 +0000] akRo0YfKP2fTo4DxoZk@5QAAARA 136.158.116.144 49686 172.26.37.160 7081
--cf3b3a0a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--cf3b3a0a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cf3b3a0a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRo0YfKP2fTo4DxoZk@5QAAARA"]
Action: Intercepted (phase 2)
Stopwatch: 1782868177969772 6629 (- - -)
Stopwatch2: 1782868177969772 6629; combined=1915, p1=317, p2=1414, p3=0, p4=0, p5=121, sr=70, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cf3b3a0a-Z--
--bd9e434e-A--
[01/Jul/2026:01:10:43.230465 +0000] akRpE4fKP2fTo4DxoZk-TAAAAQY 136.158.116.144 43422 172.26.37.160 7081
--bd9e434e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.116.144
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--bd9e434e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bd9e434e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.116.144 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akRpE4fKP2fTo4DxoZk-TAAAAQY"]
Action: Intercepted (phase 2)
Stopwatch: 1782868243225233 8074 (- - -)
Stopwatch2: 1782868243225233 8074; combined=2333, p1=329, p2=1802, p3=0, p4=0, p5=134, sr=70, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bd9e434e-Z--
--55b5f771-A--
[01/Jul/2026:01:14:50.186319 +0000] akRqCmQBjtrsWOLrCF4M0QAAAEg 20.46.122.23 50236 172.26.37.160 7081
--55b5f771-B--
GET /wp-config.php HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 20.46.122.23
X-Accel-Internal: /internal-nginx-static-location
Cookie: wordpress_test_cookie=WP%20Cookie%20check
--55b5f771-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--55b5f771-H--
Message: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-config.php"] [unique_id "akRqCmQBjtrsWOLrCF4M0QAAAEg"]
Action: Intercepted (phase 1)
Stopwatch: 1782868490185739 628 (- - -)
Stopwatch2: 1782868490185739 628; combined=249, p1=193, p2=0, p3=0, p4=0, p5=55, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--55b5f771-Z--
--7a52c614-A--
[01/Jul/2026:01:17:56.920969 +0000] akRqxIfKP2fTo4DxoZlAJwAAARI 31.134.5.71 60826 172.26.37.160 7081
--7a52c614-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: contintechind.com
X-Real-IP: 31.134.5.71
X-Accel-Internal: /internal-nginx-static-location
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cache-Control: max-age=0
Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="120"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Windows"
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
User-Agent: Go-http-client/1.1
--7a52c614-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7a52c614-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akRqxIfKP2fTo4DxoZlAJwAAARI"]
Action: Intercepted (phase 2)
Stopwatch: 1782868676917944 3127 (- - -)
Stopwatch2: 1782868676917944 3127; combined=1269, p1=313, p2=906, p3=0, p4=0, p5=49, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7a52c614-Z--
--6dc53004-A--
[01/Jul/2026:01:21:44.811835 +0000] akRrqLZnq9k6bioFx0cDCAAAAAE 77.83.39.197 37596 172.26.37.160 7081
--6dc53004-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 77.83.39.197
User-Agent: Mozilla/5.0 (SymbianOS/9.1; U; en-us) AppleWebKit/413 (KHTML, like Gecko) Safari/413
Accept-Charset: utf-8
Accept-Encoding: gzip
--6dc53004-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--6dc53004-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akRrqLZnq9k6bioFx0cDCAAAAAE"]
Action: Intercepted (phase 1)
Stopwatch: 1782868904810623 1256 (- - -)
Stopwatch2: 1782868904810623 1256; combined=229, p1=176, p2=0, p3=0, p4=0, p5=52, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6dc53004-Z--
--11fdb112-A--
[01/Jul/2026:01:23:07.683125 +0000] akRr@2QBjtrsWOLrCF4OAAAAAE0 162.159.119.21 44598 172.26.37.160 7081
--11fdb112-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 162.159.119.21
X-Forwarded-For: 208.68.37.246
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW5AYWRtaW4=
accept: application/json
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a1419a813eaede93-EWR
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 208.68.37.246
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--11fdb112-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--11fdb112-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRr@2QBjtrsWOLrCF4OAAAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782868987680257 2948 (- - -)
Stopwatch2: 1782868987680257 2948; combined=977, p1=319, p2=567, p3=0, p4=0, p5=90, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--11fdb112-Z--
--0aab855b-A--
[01/Jul/2026:01:29:21.010925 +0000] akRtcbZnq9k6bioFx0cDRgAAABM 104.23.166.6 56046 172.26.37.160 7081
--0aab855b-B--
GET //wp-json/wp/v2/users/ HTTP/1.1
Host: immunehk.com
X-Real-IP: 104.23.166.6
X-Forwarded-For: 203.159.90.217
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, br
cf-ray: a141a3a1a88f8645-AMS
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 203.159.90.217
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0aab855b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0aab855b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||immunehk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||immunehk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "immunehk.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akRtcbZnq9k6bioFx0cDRgAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782869361007810 3281 (- - -)
Stopwatch2: 1782869361007810 3281; combined=980, p1=312, p2=617, p3=0, p4=0, p5=51, sr=86, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0aab855b-Z--
--f826c93a-A--
[01/Jul/2026:01:34:55.405482 +0000] akRuv2QBjtrsWOLrCF4O1wAAAEo 104.23.203.203 46532 172.26.37.160 7081
--f826c93a-B--
GET /.git/config HTTP/1.1
Host: airvenushk.com
X-Real-IP: 104.23.203.203
X-Forwarded-For: 2602:fa59:10:e70::1
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
cf-ray: a141abc9493169e3-LAS
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2602:fa59:10:e70::1
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
--f826c93a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f826c93a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/config"] [unique_id "akRuv2QBjtrsWOLrCF4O1wAAAEo"]
Action: Intercepted (phase 1)
Stopwatch: 1782869695404867 681 (- - -)
Stopwatch2: 1782869695404867 681; combined=265, p1=202, p2=0, p3=0, p4=0, p5=62, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f826c93a-Z--
--ff531545-A--
[01/Jul/2026:01:37:39.229304 +0000] akRvY2QBjtrsWOLrCF4PSQAAAE8 194.164.192.228 55914 172.26.37.160 7081
--ff531545-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: avmhk.com
X-Real-IP: 194.164.192.228
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic amFjay1hZG1pbjpKYWNrLWFkbWluQDEyMzQ=
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--ff531545-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ff531545-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRvY2QBjtrsWOLrCF4PSQAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782869859226282 3083 (- - -)
Stopwatch2: 1782869859226282 3083; combined=1619, p1=291, p2=1272, p3=0, p4=0, p5=55, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ff531545-Z--
--ed98a232-A--
[01/Jul/2026:01:47:52.313934 +0000] akRxxrZnq9k6bioFx0cEdwAAABg 111.65.62.239 52954 172.26.37.160 7081
--ed98a232-B--
GET /wp-content/themes/woodmart/js/libs/autocomplete.min.js?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 111.65.62.239
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua-platform: "Android"
save-data: on
user-agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Mobile Safari/537.36
sec-ch-ua: "Google Chrome";v="149", "Chromium";v="149", "Not)A;Brand";v="24"
sec-ch-ua-mobile: ?1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://eonhk.com/product/duobla-e-sofa/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9,zh-SG;q=0.8,zh;q=0.7
priority: u=2
--ed98a232-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/js/libs/autocomplete.min.js
Content-Length: 0
Content-Type: application/javascript
--ed98a232-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "20.153.140.50_67b2d5d8aa29c53fd55ce981b9ecb32053530ab1"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "20.153.140.50_67b2d5d8aa29c53fd55ce981b9ecb32053530ab1"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/js/libs/autocomplete.min.js"] [unique_id "akRxxrZnq9k6bioFx0cEdwAAABg"]
Stopwatch: 1782870470093253 2224169 (- - -)
Stopwatch2: 1782870470093253 2224169; combined=4119384, p1=337, p2=4263, p3=26, p4=16, p5=2057389, sr=65, sw=1, l=0, gc=2057352
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ed98a232-Z--
--eba7be78-A--
[01/Jul/2026:01:50:05.573582 +0000] akRyTYfKP2fTo4DxoZlDAAAAARQ 86.38.236.92 50354 172.26.37.160 7081
--eba7be78-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 86.38.236.92
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--eba7be78-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--eba7be78-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akRyTYfKP2fTo4DxoZlDAAAAARQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782870605572097 1524 (- - -)
Stopwatch2: 1782870605572097 1524; combined=1235, p1=1169, p2=0, p3=0, p4=0, p5=65, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--eba7be78-Z--
--8362de43-A--
[01/Jul/2026:01:54:35.711882 +0000] akRzW2QBjtrsWOLrCF4QkwAAAEo 176.123.8.39 34018 172.26.37.160 7081
--8362de43-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: eonhk.com
X-Real-IP: 176.123.8.39
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-GB,en;q=0.9
DNT: 1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="120", "Google Chrome";v="120"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Linux"
Cookie: wordpress_test_cookie=WP%20Cookie%20check
--8362de43-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8362de43-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eonhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akRzW2QBjtrsWOLrCF4QkwAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782870875709588 2386 (- - -)
Stopwatch2: 1782870875709588 2386; combined=1121, p1=289, p2=777, p3=0, p4=0, p5=54, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8362de43-Z--
--9336df50-A--
[01/Jul/2026:01:57:37.823516 +0000] akR0EYfKP2fTo4DxoZlDLwAAAQ4 47.245.117.221 45492 172.26.37.160 7081
--9336df50-B--
POST /dns-query HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--9336df50-F--
HTTP/1.1 404 Not Found
Content-Length: 260
Content-Type: text/html; charset=iso-8859-1
--9336df50-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/dns-query"] [unique_id "akR0EYfKP2fTo4DxoZlDLwAAAQ4"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/dns-query"] [unique_id "akR0EYfKP2fTo4DxoZlDLwAAAQ4"]
Stopwatch: 1782871057821038 2518 (- - -)
Stopwatch2: 1782871057821038 2518; combined=1760, p1=342, p2=1167, p3=17, p4=22, p5=212, sr=64, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9336df50-Z--
--06e3d945-A--
[01/Jul/2026:01:57:37.847176 +0000] akR0EYfKP2fTo4DxoZlDMAAAARU 47.245.117.221 45522 172.26.37.160 7081
--06e3d945-B--
POST /dns-query HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--06e3d945-F--
HTTP/1.1 404 Not Found
Content-Length: 260
Content-Type: text/html; charset=iso-8859-1
--06e3d945-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/dns-query"] [unique_id "akR0EYfKP2fTo4DxoZlDMAAAARU"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/dns-query"] [unique_id "akR0EYfKP2fTo4DxoZlDMAAAARU"]
Stopwatch: 1782871057844111 3110 (- - -)
Stopwatch2: 1782871057844111 3110; combined=2284, p1=327, p2=1801, p3=14, p4=19, p5=123, sr=59, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--06e3d945-Z--
--67e76934-A--
[01/Jul/2026:01:57:37.870567 +0000] akR0EWQBjtrsWOLrCF4QrAAAAEY 47.245.117.221 45552 172.26.37.160 7081
--67e76934-B--
POST /query HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--67e76934-F--
HTTP/1.1 404 Not Found
Content-Length: 260
Content-Type: text/html; charset=iso-8859-1
--67e76934-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/query"] [unique_id "akR0EWQBjtrsWOLrCF4QrAAAAEY"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/query"] [unique_id "akR0EWQBjtrsWOLrCF4QrAAAAEY"]
Stopwatch: 1782871057867614 2993 (- - -)
Stopwatch2: 1782871057867614 2993; combined=2256, p1=795, p2=1022, p3=14, p4=18, p5=406, sr=60, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--67e76934-Z--
--4be69848-A--
[01/Jul/2026:01:57:37.914276 +0000] akR0EWQBjtrsWOLrCF4QrgAAAEs 47.245.117.221 45578 172.26.37.160 7081
--4be69848-B--
POST /query HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--4be69848-F--
HTTP/1.1 404 Not Found
Content-Length: 260
Content-Type: text/html; charset=iso-8859-1
--4be69848-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/query"] [unique_id "akR0EWQBjtrsWOLrCF4QrgAAAEs"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/query"] [unique_id "akR0EWQBjtrsWOLrCF4QrgAAAEs"]
Stopwatch: 1782871057911856 2458 (- - -)
Stopwatch2: 1782871057911856 2458; combined=1614, p1=340, p2=1154, p3=17, p4=19, p5=83, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4be69848-Z--
--0c5f7816-A--
[01/Jul/2026:01:57:38.021604 +0000] akR0ErZnq9k6bioFx0cFDQAAABA 47.245.117.221 45608 172.26.37.160 7081
--0c5f7816-B--
POST /resolve HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--0c5f7816-F--
HTTP/1.1 404 Not Found
Content-Length: 260
Content-Type: text/html; charset=iso-8859-1
--0c5f7816-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/resolve"] [unique_id "akR0ErZnq9k6bioFx0cFDQAAABA"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/resolve"] [unique_id "akR0ErZnq9k6bioFx0cFDQAAABA"]
Stopwatch: 1782871058017756 3908 (- - -)
Stopwatch2: 1782871058017756 3908; combined=2119, p1=371, p2=1627, p3=18, p4=21, p5=82, sr=68, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0c5f7816-Z--
--228ee13b-A--
[01/Jul/2026:01:57:38.054282 +0000] akR0EofKP2fTo4DxoZlDMwAAAQI 47.245.117.221 45646 172.26.37.160 7081
--228ee13b-B--
POST /resolve HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--228ee13b-F--
HTTP/1.1 404 Not Found
Content-Length: 260
Content-Type: text/html; charset=iso-8859-1
--228ee13b-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/resolve"] [unique_id "akR0EofKP2fTo4DxoZlDMwAAAQI"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/resolve"] [unique_id "akR0EofKP2fTo4DxoZlDMwAAAQI"]
Stopwatch: 1782871058051436 2883 (- - -)
Stopwatch2: 1782871058051436 2883; combined=2175, p1=755, p2=1302, p3=16, p4=21, p5=80, sr=501, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--228ee13b-Z--
--f349bb11-A--
[01/Jul/2026:01:57:38.077728 +0000] akR0EmQBjtrsWOLrCF4QsgAAAFY 47.245.117.221 45680 172.26.37.160 7081
--f349bb11-B--
POST / HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--f349bb11-F--
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Nov 2021 06:51:23 GMT
ETag: "1b0-5d07dc549f0c0"
Accept-Ranges: bytes
Content-Length: 432
Vary: Accept-Encoding
Content-Type: text/html
--f349bb11-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/"] [unique_id "akR0EmQBjtrsWOLrCF4QsgAAAFY"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/index.html"] [unique_id "akR0EmQBjtrsWOLrCF4QsgAAAFY"]
Stopwatch: 1782871058074486 3345 (- - -)
Stopwatch2: 1782871058074486 3345; combined=2210, p1=747, p2=1311, p3=23, p4=41, p5=87, sr=61, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f349bb11-Z--
--eb15673f-A--
[01/Jul/2026:01:57:38.105754 +0000] akR0EmQBjtrsWOLrCF4QswAAAFU 47.245.117.221 45714 172.26.37.160 7081
--eb15673f-B--
POST / HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 47.245.117.221
Content-Length: 41
User-Agent: Go-http-client/1.1
Content-Type: application/dns-message
--eb15673f-F--
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Nov 2021 06:51:23 GMT
ETag: "1b0-5d07dc549f0c0"
Accept-Ranges: bytes
Content-Length: 432
Vary: Accept-Encoding
Content-Type: text/html
--eb15673f-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||18.142.40.148|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/"] [unique_id "akR0EmQBjtrsWOLrCF4QswAAAFU"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|18.142.40.148|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "18.142.40.148"] [uri "/index.html"] [unique_id "akR0EmQBjtrsWOLrCF4QswAAAFU"]
Stopwatch: 1782871058103340 2483 (- - -)
Stopwatch2: 1782871058103340 2483; combined=1549, p1=351, p2=1045, p3=22, p4=41, p5=90, sr=61, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--eb15673f-Z--
--ac68994b-A--
[01/Jul/2026:02:03:18.285300 +0000] akR1ZmQBjtrsWOLrCF4RNAAAAEo 91.92.40.173 38520 172.26.37.160 7081
--ac68994b-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 91.92.40.173
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-US,en;q=0.9,fr;q=0.8
DNT: 1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Cache-Control: max-age=0
Pragma: no-cache
Referer: https://wordpress.org/
Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="121", "Google Chrome";v="121"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "macOS"
Cookie: wordpress_test_cookie=WP%20Cookie%20check
--ac68994b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ac68994b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users"] [unique_id "akR1ZmQBjtrsWOLrCF4RNAAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782871398281867 5073 (- - -)
Stopwatch2: 1782871398281867 5073; combined=1545, p1=300, p2=1194, p3=0, p4=0, p5=50, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ac68994b-Z--
--e6c28173-A--
[01/Jul/2026:02:10:39.405023 +0000] akR3H7Znq9k6bioFx0cHEgAAABA 152.42.175.8 54264 172.26.37.160 7081
--e6c28173-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: contintechind.com
X-Real-IP: 152.42.175.8
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-US,en;q=0.9,fr;q=0.8
DNT: 1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Cache-Control: no-cache
Referer: https://www.facebook.com/
Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="120", "Google Chrome";v="120"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Linux"
Cookie: wordpress_test_cookie=WP%20Cookie%20check
--e6c28173-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e6c28173-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akR3H7Znq9k6bioFx0cHEgAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782871839402552 2564 (- - -)
Stopwatch2: 1782871839402552 2564; combined=1129, p1=288, p2=760, p3=0, p4=0, p5=81, sr=70, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e6c28173-Z--
--485cec7b-A--
[01/Jul/2026:02:17:04.046387 +0000] akR4oIfKP2fTo4DxoZlFmAAAAQE 162.158.136.189 50254 172.26.37.160 7081
--485cec7b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141e9881a5ca0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--485cec7b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--485cec7b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR4oIfKP2fTo4DxoZlFmAAAAQE"]
Action: Intercepted (phase 2)
Stopwatch: 1782872224041279 8927 (- - -)
Stopwatch2: 1782872224041279 8927; combined=2177, p1=346, p2=1621, p3=0, p4=0, p5=135, sr=70, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--485cec7b-Z--
--2c759740-A--
[01/Jul/2026:02:17:58.051757 +0000] akR41rZnq9k6bioFx0cH1gAAAA8 162.158.136.189 46384 172.26.37.160 7081
--2c759740-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141ead9ae4ea0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--2c759740-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2c759740-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR41rZnq9k6bioFx0cH1gAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782872278047836 4043 (- - -)
Stopwatch2: 1782872278047836 4043; combined=1979, p1=633, p2=1122, p3=0, p4=0, p5=146, sr=106, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2c759740-Z--
--c6153f30-A--
[01/Jul/2026:02:18:30.802089 +0000] akR49mQBjtrsWOLrCF4TjgAAAFI 162.158.136.189 49934 172.26.37.160 7081
--c6153f30-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141eba65b74a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c6153f30-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c6153f30-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR49mQBjtrsWOLrCF4TjgAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782872310798280 3900 (- - -)
Stopwatch2: 1782872310798280 3900; combined=2420, p1=353, p2=1828, p3=0, p4=0, p5=159, sr=75, sw=80, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c6153f30-Z--
--8337c960-A--
[01/Jul/2026:02:19:25.474840 +0000] akR5LbZnq9k6bioFx0cH3wAAABY 162.158.136.189 39082 172.26.37.160 7081
--8337c960-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141ecfc09a4a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8337c960-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8337c960-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR5LbZnq9k6bioFx0cH3wAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782872365471098 3881 (- - -)
Stopwatch2: 1782872365471098 3881; combined=2494, p1=341, p2=1934, p3=0, p4=0, p5=145, sr=84, sw=74, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8337c960-Z--
--8c323d01-A--
[01/Jul/2026:02:20:41.929484 +0000] akR5eWQBjtrsWOLrCF4TwAAAAEg 162.158.136.189 48080 172.26.37.160 7081
--8c323d01-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141eed9eed8a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8c323d01-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8c323d01-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR5eWQBjtrsWOLrCF4TwAAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782872441925801 3778 (- - -)
Stopwatch2: 1782872441925801 3778; combined=1940, p1=303, p2=1462, p3=0, p4=0, p5=116, sr=67, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8c323d01-Z--
--7fb6b770-A--
[01/Jul/2026:02:21:29.521968 +0000] akR5qWQBjtrsWOLrCF4T6wAAAEk 189.38.195.128 55160 172.26.37.160 7081
--7fb6b770-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--7fb6b770-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7fb6b770-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR5qWQBjtrsWOLrCF4T6wAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782872489518948 3102 (- - -)
Stopwatch2: 1782872489518948 3102; combined=1516, p1=334, p2=996, p3=0, p4=0, p5=124, sr=75, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7fb6b770-Z--
--c090936b-A--
[01/Jul/2026:02:21:45.174784 +0000] akR5ubZnq9k6bioFx0cIDwAAAAY 162.158.136.189 56606 172.26.37.160 7081
--c090936b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141f0652b1ba0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c090936b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c090936b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR5ubZnq9k6bioFx0cIDwAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782872505170996 3917 (- - -)
Stopwatch2: 1782872505170996 3917; combined=2508, p1=342, p2=1985, p3=0, p4=0, p5=118, sr=74, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c090936b-Z--
--22b26b3a-A--
[01/Jul/2026:02:22:06.240620 +0000] akR5zmQBjtrsWOLrCF4T-AAAAEI 162.158.136.189 44564 172.26.37.160 7081
--22b26b3a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141f0e8d963a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--22b26b3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--22b26b3a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR5zmQBjtrsWOLrCF4T-AAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782872526237093 3618 (- - -)
Stopwatch2: 1782872526237093 3618; combined=2338, p1=319, p2=1821, p3=0, p4=0, p5=128, sr=71, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--22b26b3a-Z--
--89af7f0c-A--
[01/Jul/2026:02:22:43.924550 +0000] akR587Znq9k6bioFx0cIKQAAAAg 189.38.195.128 41196 172.26.37.160 7081
--89af7f0c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--89af7f0c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--89af7f0c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR587Znq9k6bioFx0cIKQAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782872563921524 3086 (- - -)
Stopwatch2: 1782872563921524 3086; combined=1410, p1=314, p2=933, p3=0, p4=0, p5=106, sr=68, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--89af7f0c-Z--
--da2e846b-A--
[01/Jul/2026:02:22:48.408270 +0000] akR5@GQBjtrsWOLrCF4UJQAAAE4 162.158.136.189 57320 172.26.37.160 7081
--da2e846b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141f1f06ee7a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--da2e846b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--da2e846b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR5@GQBjtrsWOLrCF4UJQAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782872568404665 3695 (- - -)
Stopwatch2: 1782872568404665 3695; combined=1691, p1=377, p2=1142, p3=0, p4=0, p5=111, sr=99, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--da2e846b-Z--
--2ddec676-A--
[01/Jul/2026:02:23:30.411560 +0000] akR6IofKP2fTo4DxoZlGIwAAAQw 162.158.136.189 57270 172.26.37.160 7081
--2ddec676-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141f2f6e869a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--2ddec676-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2ddec676-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR6IofKP2fTo4DxoZlGIwAAAQw"]
Action: Intercepted (phase 2)
Stopwatch: 1782872610408011 3664 (- - -)
Stopwatch2: 1782872610408011 3664; combined=2409, p1=318, p2=1914, p3=0, p4=0, p5=121, sr=82, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2ddec676-Z--
--c0a2f00f-A--
[01/Jul/2026:02:23:51.481432 +0000] akR6N4fKP2fTo4DxoZlGJwAAAQ0 162.158.136.189 56966 172.26.37.160 7081
--c0a2f00f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 701
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141f37a9a0aa0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c0a2f00f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c0a2f00f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR6N4fKP2fTo4DxoZlGJwAAAQ0"]
Action: Intercepted (phase 2)
Stopwatch: 1782872631478345 3174 (- - -)
Stopwatch2: 1782872631478345 3174; combined=1597, p1=321, p2=1075, p3=0, p4=0, p5=127, sr=82, sw=74, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c0a2f00f-Z--
--e52e427c-A--
[01/Jul/2026:02:24:08.933318 +0000] akR6SIfKP2fTo4DxoZlGKgAAAQ4 189.38.195.128 40074 172.26.37.160 7081
--e52e427c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--e52e427c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e52e427c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR6SIfKP2fTo4DxoZlGKgAAAQ4"]
Action: Intercepted (phase 2)
Stopwatch: 1782872648930380 3014 (- - -)
Stopwatch2: 1782872648930380 3014; combined=1875, p1=369, p2=1337, p3=0, p4=0, p5=110, sr=91, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e52e427c-Z--
--2543c827-A--
[01/Jul/2026:02:24:30.143014 +0000] akR6XmQBjtrsWOLrCF4USQAAAEw 189.38.195.128 56908 172.26.37.160 7081
--2543c827-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--2543c827-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2543c827-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR6XmQBjtrsWOLrCF4USQAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782872670139855 3244 (- - -)
Stopwatch2: 1782872670139855 3244; combined=1498, p1=325, p2=975, p3=0, p4=0, p5=132, sr=77, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2543c827-Z--
--407ee510-A--
[01/Jul/2026:02:24:33.591483 +0000] akR6YWQBjtrsWOLrCF4USgAAAEM 162.158.136.189 56914 172.26.37.160 7081
--407ee510-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141f481ccd1a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--407ee510-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--407ee510-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR6YWQBjtrsWOLrCF4USgAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782872673587274 4292 (- - -)
Stopwatch2: 1782872673587274 4292; combined=2683, p1=365, p2=2123, p3=0, p4=0, p5=129, sr=86, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--407ee510-Z--
--94676e67-A--
[01/Jul/2026:02:25:33.782355 +0000] akR6nbZnq9k6bioFx0cIQwAAAAM 189.38.195.128 59680 172.26.37.160 7081
--94676e67-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--94676e67-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--94676e67-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR6nbZnq9k6bioFx0cIQwAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782872733779226 3191 (- - -)
Stopwatch2: 1782872733779226 3191; combined=2008, p1=356, p2=1461, p3=0, p4=0, p5=128, sr=71, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--94676e67-Z--
--a7d2eb65-A--
[01/Jul/2026:02:25:36.701233 +0000] akR6oLZnq9k6bioFx0cIRAAAAAg 162.158.136.189 39680 172.26.37.160 7081
--a7d2eb65-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141f60c3cc7a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a7d2eb65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a7d2eb65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR6oLZnq9k6bioFx0cIRAAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782872736697308 4009 (- - -)
Stopwatch2: 1782872736697308 4009; combined=2778, p1=317, p2=2284, p3=0, p4=0, p5=114, sr=71, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a7d2eb65-Z--
--24627712-A--
[01/Jul/2026:02:25:57.739983 +0000] akR6tWQBjtrsWOLrCF4UkQAAAFc 162.158.136.189 37268 172.26.37.160 7081
--24627712-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141f68fbfa7a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--24627712-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--24627712-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR6tWQBjtrsWOLrCF4UkQAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782872757737159 2904 (- - -)
Stopwatch2: 1782872757737159 2904; combined=1604, p1=364, p2=1061, p3=0, p4=0, p5=118, sr=88, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--24627712-Z--
--71eab408-A--
[01/Jul/2026:02:26:26.892495 +0000] akR60ofKP2fTo4DxoZlGZwAAAQ8 189.38.195.128 40880 172.26.37.160 7081
--71eab408-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--71eab408-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--71eab408-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR60ofKP2fTo4DxoZlGZwAAAQ8"]
Action: Intercepted (phase 2)
Stopwatch: 1782872786889011 3545 (- - -)
Stopwatch2: 1782872786889011 3545; combined=2362, p1=358, p2=1811, p3=0, p4=0, p5=130, sr=73, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--71eab408-Z--
--8682954b-A--
[01/Jul/2026:02:26:48.230812 +0000] akR66GQBjtrsWOLrCF4UmAAAAEc 189.38.195.128 46776 172.26.37.160 7081
--8682954b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--8682954b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8682954b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR66GQBjtrsWOLrCF4UmAAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782872808227718 3151 (- - -)
Stopwatch2: 1782872808227718 3151; combined=1498, p1=347, p2=961, p3=0, p4=0, p5=125, sr=78, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8682954b-Z--
--84ea2d5a-A--
[01/Jul/2026:02:27:00.894704 +0000] akR69GQBjtrsWOLrCF4UmgAAAEg 162.158.136.189 56582 172.26.37.160 7081
--84ea2d5a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141f81a6a1ba0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--84ea2d5a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--84ea2d5a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR69GQBjtrsWOLrCF4UmgAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782872820891070 3740 (- - -)
Stopwatch2: 1782872820891070 3740; combined=2054, p1=340, p2=1517, p3=0, p4=0, p5=133, sr=87, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--84ea2d5a-Z--
--89a66626-A--
[01/Jul/2026:02:27:30.907244 +0000] akR7EofKP2fTo4DxoZlGdgAAARM 189.38.195.128 56656 172.26.37.160 7081
--89a66626-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--89a66626-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--89a66626-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR7EofKP2fTo4DxoZlGdgAAARM"]
Action: Intercepted (phase 2)
Stopwatch: 1782872850903746 3556 (- - -)
Stopwatch2: 1782872850903746 3556; combined=2410, p1=316, p2=1849, p3=0, p4=0, p5=178, sr=74, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--89a66626-Z--
--dbfca054-A--
[01/Jul/2026:02:27:53.710639 +0000] akR7KYfKP2fTo4DxoZlGewAAARI 162.158.136.189 48036 172.26.37.160 7081
--dbfca054-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141f9648ddea0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--dbfca054-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dbfca054-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR7KYfKP2fTo4DxoZlGewAAARI"]
Action: Intercepted (phase 2)
Stopwatch: 1782872873706625 4093 (- - -)
Stopwatch2: 1782872873706625 4093; combined=2757, p1=1199, p2=1377, p3=0, p4=0, p5=123, sr=83, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dbfca054-Z--
--3853522a-A--
[01/Jul/2026:02:28:13.305633 +0000] akR7PYfKP2fTo4DxoZlGgAAAARE 189.38.195.128 44568 172.26.37.160 7081
--3853522a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--3853522a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3853522a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR7PYfKP2fTo4DxoZlGgAAAARE"]
Action: Intercepted (phase 2)
Stopwatch: 1782872893301552 4138 (- - -)
Stopwatch2: 1782872893301552 4138; combined=2902, p1=348, p2=2333, p3=0, p4=0, p5=150, sr=76, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3853522a-Z--
--95358b56-A--
[01/Jul/2026:02:28:34.513831 +0000] akR7UofKP2fTo4DxoZlGhgAAAQ4 189.38.195.128 55054 172.26.37.160 7081
--95358b56-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--95358b56-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--95358b56-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR7UofKP2fTo4DxoZlGhgAAAQ4"]
Action: Intercepted (phase 2)
Stopwatch: 1782872914510055 6721 (- - -)
Stopwatch2: 1782872914510055 6721; combined=2316, p1=340, p2=1750, p3=0, p4=0, p5=150, sr=78, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--95358b56-Z--
--fee13445-A--
[01/Jul/2026:02:28:56.837026 +0000] akR7aLZnq9k6bioFx0cIdAAAAAc 162.158.136.189 56086 172.26.37.160 7081
--fee13445-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141faef0be8a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--fee13445-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fee13445-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR7aLZnq9k6bioFx0cIdAAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782872936834161 2964 (- - -)
Stopwatch2: 1782872936834161 2964; combined=1529, p1=326, p2=1051, p3=0, p4=0, p5=99, sr=84, sw=53, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fee13445-Z--
--2dc2c657-A--
[01/Jul/2026:02:29:07.368071 +0000] akR7c2QBjtrsWOLrCF4U0wAAAFQ 162.158.136.189 47172 172.26.37.160 7081
--2dc2c657-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141fb30e8a0a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--2dc2c657-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2dc2c657-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR7c2QBjtrsWOLrCF4U0wAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782872947364658 3502 (- - -)
Stopwatch2: 1782872947364658 3502; combined=2129, p1=372, p2=1578, p3=0, p4=0, p5=118, sr=122, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2dc2c657-Z--
--fb45966a-A--
[01/Jul/2026:02:29:48.983548 +0000] akR7nLZnq9k6bioFx0cIgQAAABY 189.38.195.128 50784 172.26.37.160 7081
--fb45966a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--fb45966a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fb45966a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR7nLZnq9k6bioFx0cIgQAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782872988979440 4175 (- - -)
Stopwatch2: 1782872988979440 4175; combined=2072, p1=350, p2=1513, p3=0, p4=0, p5=139, sr=89, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fb45966a-Z--
--11dfa400-A--
[01/Jul/2026:02:30:31.571075 +0000] akR7x7Znq9k6bioFx0cIhAAAAA4 189.38.195.128 40294 172.26.37.160 7081
--11dfa400-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--11dfa400-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--11dfa400-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR7x7Znq9k6bioFx0cIhAAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782873031567588 3565 (- - -)
Stopwatch2: 1782873031567588 3565; combined=1784, p1=318, p2=1243, p3=0, p4=0, p5=145, sr=73, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--11dfa400-Z--
--e1dada7e-A--
[01/Jul/2026:02:30:43.061399 +0000] akR707Znq9k6bioFx0cIiAAAAAw 162.158.136.189 48236 172.26.37.160 7081
--e1dada7e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a141fd86fa56a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e1dada7e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e1dada7e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR707Znq9k6bioFx0cIiAAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782873043057669 5110 (- - -)
Stopwatch2: 1782873043057669 5110; combined=2484, p1=346, p2=1954, p3=0, p4=0, p5=123, sr=81, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e1dada7e-Z--
--5e19f477-A--
[01/Jul/2026:02:30:52.930842 +0000] akR73IfKP2fTo4DxoZlGvgAAARQ 189.38.195.128 33556 172.26.37.160 7081
--5e19f477-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--5e19f477-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5e19f477-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR73IfKP2fTo4DxoZlGvgAAARQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782873052926022 4883 (- - -)
Stopwatch2: 1782873052926022 4883; combined=1940, p1=316, p2=1416, p3=0, p4=0, p5=138, sr=74, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5e19f477-Z--
--998a832d-A--
[01/Jul/2026:02:30:53.616383 +0000] akR73bZnq9k6bioFx0cIigAAAAo 162.158.136.189 33558 172.26.37.160 7081
--998a832d-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141fdc8fe89a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--998a832d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--998a832d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR73bZnq9k6bioFx0cIigAAAAo"]
Action: Intercepted (phase 2)
Stopwatch: 1782873053612827 3643 (- - -)
Stopwatch2: 1782873053612827 3643; combined=1986, p1=340, p2=1480, p3=0, p4=0, p5=108, sr=87, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--998a832d-Z--
--fa009d56-A--
[01/Jul/2026:02:32:07.810489 +0000] akR8J2QBjtrsWOLrCF4VBgAAAEs 162.158.136.189 47686 172.26.37.160 7081
--fa009d56-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a141ff98afb4a0d8-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--fa009d56-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fa009d56-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR8J2QBjtrsWOLrCF4VBgAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782873127806059 4508 (- - -)
Stopwatch2: 1782873127806059 4508; combined=2027, p1=744, p2=1110, p3=0, p4=0, p5=112, sr=490, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fa009d56-Z--
--2f2ee053-A--
[01/Jul/2026:02:32:39.217701 +0000] akR8R4fKP2fTo4DxoZlG3gAAAQE 189.38.195.128 38056 172.26.37.160 7081
--2f2ee053-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--2f2ee053-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2f2ee053-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR8R4fKP2fTo4DxoZlG3gAAAQE"]
Action: Intercepted (phase 2)
Stopwatch: 1782873159214191 3581 (- - -)
Stopwatch2: 1782873159214191 3581; combined=2289, p1=342, p2=1784, p3=0, p4=0, p5=106, sr=71, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2f2ee053-Z--
--8def964e-A--
[01/Jul/2026:02:32:39.463743 +0000] akR8R4fKP2fTo4DxoZlG3wAAAQ4 162.158.136.189 38072 172.26.37.160 7081
--8def964e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a142005e7ba27493-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8def964e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8def964e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (4+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (4+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR8R4fKP2fTo4DxoZlG3wAAAQ4"]
Action: Intercepted (phase 2)
Stopwatch: 1782873159459422 7170 (- - -)
Stopwatch2: 1782873159459422 7170; combined=1942, p1=326, p2=1451, p3=0, p4=0, p5=107, sr=73, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8def964e-Z--
--ed090337-A--
[01/Jul/2026:02:32:49.907407 +0000] akR8UYfKP2fTo4DxoZlG7wAAAQQ 189.38.195.128 57468 172.26.37.160 7081
--ed090337-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--ed090337-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ed090337-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR8UYfKP2fTo4DxoZlG7wAAAQQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782873169904557 2912 (- - -)
Stopwatch2: 1782873169904557 2912; combined=1580, p1=351, p2=959, p3=0, p4=0, p5=161, sr=73, sw=109, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ed090337-Z--
--7c639e66-A--
[01/Jul/2026:02:33:11.024032 +0000] akR8Z2QBjtrsWOLrCF4VOgAAAEE 162.158.136.189 41158 172.26.37.160 7081
--7c639e66-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1420123bcd27493-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7c639e66-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7c639e66-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR8Z2QBjtrsWOLrCF4VOgAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782873191020821 3297 (- - -)
Stopwatch2: 1782873191020821 3297; combined=1613, p1=339, p2=1103, p3=0, p4=0, p5=111, sr=98, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7c639e66-Z--
--8a847d4f-A--
[01/Jul/2026:02:33:43.118092 +0000] akR8h7Znq9k6bioFx0cIugAAABc 189.38.195.128 56948 172.26.37.160 7081
--8a847d4f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--8a847d4f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8a847d4f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR8h7Znq9k6bioFx0cIugAAABc"]
Action: Intercepted (phase 2)
Stopwatch: 1782873223114745 3411 (- - -)
Stopwatch2: 1782873223114745 3411; combined=2405, p1=335, p2=1865, p3=0, p4=0, p5=126, sr=72, sw=79, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8a847d4f-Z--
--1ab52663-A--
[01/Jul/2026:02:34:14.196478 +0000] akR8prZnq9k6bioFx0cIygAAABM 162.158.136.189 49232 172.26.37.160 7081
--1ab52663-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14202ae99e27493-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1ab52663-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1ab52663-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR8prZnq9k6bioFx0cIygAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782873254193732 2834 (- - -)
Stopwatch2: 1782873254193732 2834; combined=1612, p1=357, p2=1089, p3=0, p4=0, p5=108, sr=78, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1ab52663-Z--
--1f900312-A--
[01/Jul/2026:02:34:35.254556 +0000] akR8u4fKP2fTo4DxoZlHLgAAARc 162.158.136.189 48942 172.26.37.160 7081
--1f900312-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.189
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14203322f897493-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1f900312-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1f900312-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akR8u4fKP2fTo4DxoZlHLgAAARc"]
Action: Intercepted (phase 2)
Stopwatch: 1782873275251072 3569 (- - -)
Stopwatch2: 1782873275251072 3569; combined=2397, p1=308, p2=1921, p3=0, p4=0, p5=108, sr=73, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1f900312-Z--
--87cc5a2e-A--
[01/Jul/2026:02:34:46.991558 +0000] akR8xofKP2fTo4DxoZlHNAAAAQk 189.38.195.128 49156 172.26.37.160 7081
--87cc5a2e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--87cc5a2e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--87cc5a2e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR8xofKP2fTo4DxoZlHNAAAAQk"]
Action: Intercepted (phase 2)
Stopwatch: 1782873286988012 3613 (- - -)
Stopwatch2: 1782873286988012 3613; combined=1748, p1=303, p2=1261, p3=0, p4=0, p5=124, sr=69, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--87cc5a2e-Z--
--a067d014-A--
[01/Jul/2026:02:35:08.431945 +0000] akR83GQBjtrsWOLrCF4VewAAAEM 189.38.195.128 55384 172.26.37.160 7081
--a067d014-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--a067d014-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a067d014-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR83GQBjtrsWOLrCF4VewAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782873308428530 3472 (- - -)
Stopwatch2: 1782873308428530 3472; combined=2058, p1=405, p2=1455, p3=0, p4=0, p5=134, sr=87, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a067d014-Z--
--69bd9b6d-A--
[01/Jul/2026:02:35:18.705376 +0000] akR85mQBjtrsWOLrCF4VfAAAAEc 148.251.47.87 41584 172.26.37.160 7081
--69bd9b6d-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: avmhk.com
X-Real-IP: 148.251.47.87
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW5AMjAyNQ==
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--69bd9b6d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--69bd9b6d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akR85mQBjtrsWOLrCF4VfAAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782873318703260 2170 (- - -)
Stopwatch2: 1782873318703260 2170; combined=913, p1=334, p2=516, p3=0, p4=0, p5=63, sr=88, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--69bd9b6d-Z--
--2d375140-A--
[01/Jul/2026:02:35:50.943938 +0000] akR9BmQBjtrsWOLrCF4ViAAAAEo 189.38.195.128 50322 172.26.37.160 7081
--2d375140-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--2d375140-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2d375140-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR9BmQBjtrsWOLrCF4ViAAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782873350938486 5523 (- - -)
Stopwatch2: 1782873350938486 5523; combined=2832, p1=421, p2=2218, p3=0, p4=0, p5=128, sr=91, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2d375140-Z--
--d03ce06a-A--
[01/Jul/2026:02:36:22.812467 +0000] akR9JofKP2fTo4DxoZlHiQAAAQM 189.38.195.128 57910 172.26.37.160 7081
--d03ce06a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--d03ce06a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d03ce06a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR9JofKP2fTo4DxoZlHiQAAAQM"]
Action: Intercepted (phase 2)
Stopwatch: 1782873382809450 3114 (- - -)
Stopwatch2: 1782873382809450 3114; combined=2030, p1=320, p2=1449, p3=0, p4=0, p5=165, sr=81, sw=96, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d03ce06a-Z--
--5496862a-A--
[01/Jul/2026:02:36:44.091361 +0000] akR9PIfKP2fTo4DxoZlHoAAAAQ8 189.38.195.128 34254 172.26.37.160 7081
--5496862a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)
--5496862a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5496862a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR9PIfKP2fTo4DxoZlHoAAAAQ8"]
Action: Intercepted (phase 2)
Stopwatch: 1782873404087482 4175 (- - -)
Stopwatch2: 1782873404087482 4175; combined=1669, p1=386, p2=1108, p3=0, p4=0, p5=115, sr=97, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5496862a-Z--
--197e1f2d-A--
[01/Jul/2026:02:37:37.321033 +0000] akR9cWQBjtrsWOLrCF4WpAAAAEc 189.38.195.128 50706 172.26.37.160 7081
--197e1f2d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--197e1f2d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--197e1f2d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR9cWQBjtrsWOLrCF4WpAAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782873457317786 6952 (- - -)
Stopwatch2: 1782873457317786 6952; combined=1146, p1=251, p2=735, p3=0, p4=0, p5=106, sr=60, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--197e1f2d-Z--
--0fc9f148-A--
[01/Jul/2026:02:38:41.216495 +0000] akR9sWQBjtrsWOLrCF4W6wAAAEg 189.38.195.128 45076 172.26.37.160 7081
--0fc9f148-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--0fc9f148-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0fc9f148-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR9sWQBjtrsWOLrCF4W6wAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782873521213061 3493 (- - -)
Stopwatch2: 1782873521213061 3493; combined=2349, p1=321, p2=1835, p3=0, p4=0, p5=125, sr=73, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0fc9f148-Z--
--e0da964c-A--
[01/Jul/2026:02:39:02.550718 +0000] akR9xofKP2fTo4DxoZlIWgAAAQc 189.38.195.128 53092 172.26.37.160 7081
--e0da964c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--e0da964c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e0da964c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR9xofKP2fTo4DxoZlIWgAAAQc"]
Action: Intercepted (phase 2)
Stopwatch: 1782873542547332 3447 (- - -)
Stopwatch2: 1782873542547332 3447; combined=2401, p1=360, p2=1861, p3=0, p4=0, p5=116, sr=80, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e0da964c-Z--
--4f8df35d-A--
[01/Jul/2026:02:39:45.160462 +0000] akR98WQBjtrsWOLrCF4XCQAAAFM 189.38.195.128 44890 172.26.37.160 7081
--4f8df35d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--4f8df35d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4f8df35d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR98WQBjtrsWOLrCF4XCQAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782873585157394 3126 (- - -)
Stopwatch2: 1782873585157394 3126; combined=1916, p1=322, p2=1404, p3=0, p4=0, p5=125, sr=76, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4f8df35d-Z--
--fb0f4121-A--
[01/Jul/2026:02:39:50.544818 +0000] akR99ofKP2fTo4DxoZlIbgAAARI 181.41.206.214 44940 172.26.37.160 7081
--fb0f4121-B--
GET /.env HTTP/1.1
Host: avmhk.com
X-Real-IP: 181.41.206.214
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
Accept-Encoding: gzip, deflate
Accept: */*
--fb0f4121-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fb0f4121-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "avmhk.com"] [uri "/.env"] [unique_id "akR99ofKP2fTo4DxoZlIbgAAARI"]
Action: Intercepted (phase 1)
Stopwatch: 1782873590543824 1048 (- - -)
Stopwatch2: 1782873590543824 1048; combined=629, p1=580, p2=0, p3=0, p4=0, p5=49, sr=71, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fb0f4121-Z--
--64ff9261-A--
[01/Jul/2026:02:40:06.539953 +0000] akR@BrZnq9k6bioFx0cKIwAAAAE 189.38.195.128 55984 172.26.37.160 7081
--64ff9261-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--64ff9261-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--64ff9261-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR@BrZnq9k6bioFx0cKIwAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782873606536846 3168 (- - -)
Stopwatch2: 1782873606536846 3168; combined=1568, p1=330, p2=1058, p3=0, p4=0, p5=117, sr=75, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--64ff9261-Z--
--54df1634-A--
[01/Jul/2026:02:40:25.533615 +0000] akR@F4fKP2fTo4DxoZlIjgAAARA 162.158.179.216 49808 172.26.37.160 7081
--54df1634-B--
GET /wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.27.6 HTTP/1.1
Host: immunehk.com
X-Real-IP: 162.158.179.216
X-Forwarded-For: 210.209.126.134
X-Accel-Internal: /internal-nginx-static-location
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
accept-encoding: gzip, br
priority: u=1, i
cf-ray: a1420bb13b808585-HKG
accept-language: en-US,en;q=0.9
sec-fetch-dest: style
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.5 Mobile/15E148 Safari/604.1
accept: text/css,*/*;q=0.1
referer: https://immunehk.com/
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 210.209.126.134
cf-ipcountry: HK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
if-none-match: "6a1d522b-141e"
if-modified-since: Mon, 01 Jun 2026 09:34:35 GMT
--54df1634-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css
Content-Length: 0
Content-Type: text/css
--54df1634-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "180.191.124.238_98c7f253d6ee7af076be37c9ee4174fc76ad0d2b"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "180.191.124.238_98c7f253d6ee7af076be37c9ee4174fc76ad0d2b"): Internal error (specific information not available) [hostname "immunehk.com"] [uri "/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css"] [unique_id "akR@F4fKP2fTo4DxoZlIjgAAARA"]
Stopwatch: 1782873623467211 2067597 (- - -)
Stopwatch2: 1782873623467211 2067597; combined=3822533, p1=155161, p2=1945, p3=26, p4=21, p5=1832705, sr=47, sw=0, l=0, gc=1832675
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--54df1634-Z--
--b8a69719-A--
[01/Jul/2026:02:41:10.294144 +0000] akR@RrZnq9k6bioFx0cKawAAAAg 189.38.195.128 40436 172.26.37.160 7081
--b8a69719-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--b8a69719-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b8a69719-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR@RrZnq9k6bioFx0cKawAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782873670291016 3190 (- - -)
Stopwatch2: 1782873670291016 3190; combined=1916, p1=765, p2=967, p3=0, p4=0, p5=121, sr=523, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b8a69719-Z--
--4fab8b7e-A--
[01/Jul/2026:02:42:24.733045 +0000] akR@kLZnq9k6bioFx0cKiAAAAAI 189.38.195.128 37050 172.26.37.160 7081
--4fab8b7e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--4fab8b7e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4fab8b7e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR@kLZnq9k6bioFx0cKiAAAAAI"]
Action: Intercepted (phase 2)
Stopwatch: 1782873744729187 4973 (- - -)
Stopwatch2: 1782873744729187 4973; combined=1646, p1=465, p2=998, p3=0, p4=0, p5=121, sr=214, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4fab8b7e-Z--
--f9f8fb55-A--
[01/Jul/2026:02:43:28.512204 +0000] akR@0LZnq9k6bioFx0cKqAAAAAA 189.38.195.128 48754 172.26.37.160 7081
--f9f8fb55-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--f9f8fb55-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f9f8fb55-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR@0LZnq9k6bioFx0cKqAAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782873808508899 3390 (- - -)
Stopwatch2: 1782873808508899 3390; combined=1777, p1=357, p2=1211, p3=0, p4=0, p5=131, sr=88, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f9f8fb55-Z--
--6c36fa2f-A--
[01/Jul/2026:02:43:39.160176 +0000] akR@24fKP2fTo4DxoZlJAgAAARE 189.38.195.128 40960 172.26.37.160 7081
--6c36fa2f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--6c36fa2f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6c36fa2f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR@24fKP2fTo4DxoZlJAgAAARE"]
Action: Intercepted (phase 2)
Stopwatch: 1782873819154856 5399 (- - -)
Stopwatch2: 1782873819154856 5399; combined=3077, p1=444, p2=2374, p3=0, p4=0, p5=173, sr=94, sw=86, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6c36fa2f-Z--
--5713261d-A--
[01/Jul/2026:02:44:32.314151 +0000] akR-EIfKP2fTo4DxoZlJDwAAARE 189.38.195.128 42242 172.26.37.160 7081
--5713261d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--5713261d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5713261d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR-EIfKP2fTo4DxoZlJDwAAARE"]
Action: Intercepted (phase 2)
Stopwatch: 1782873872311186 3021 (- - -)
Stopwatch2: 1782873872311186 3021; combined=1498, p1=320, p2=998, p3=0, p4=0, p5=119, sr=79, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5713261d-Z--
--85c48852-A--
[01/Jul/2026:02:45:25.683730 +0000] akR-RbZnq9k6bioFx0cK4wAAAAw 189.38.195.128 41326 172.26.37.160 7081
--85c48852-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 189.38.195.128
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--85c48852-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--85c48852-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 189.38.195.128 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akR-RbZnq9k6bioFx0cK4wAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782873925680330 3458 (- - -)
Stopwatch2: 1782873925680330 3458; combined=2279, p1=331, p2=1758, p3=0, p4=0, p5=126, sr=75, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--85c48852-Z--
--742dd472-A--
[01/Jul/2026:02:46:12.271737 +0000] akR-dGQBjtrsWOLrCF4X0AAAAEA 45.133.113.32 49126 172.26.37.160 7081
--742dd472-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: eonhk.com
X-Real-IP: 45.133.113.32
X-Accel-Internal: /internal-nginx-static-location
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cache-Control: max-age=0
Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="120"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Windows"
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
User-Agent: Go-http-client/1.1
--742dd472-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--742dd472-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eonhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akR-dGQBjtrsWOLrCF4X0AAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782873972269031 2785 (- - -)
Stopwatch2: 1782873972269031 2785; combined=1466, p1=331, p2=1056, p3=0, p4=0, p5=78, sr=92, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--742dd472-Z--
--a0ec4b40-A--
[01/Jul/2026:02:51:25.022846 +0000] akSArbZnq9k6bioFx0cLRgAAAA8 162.158.136.188 53484 172.26.37.160 7081
--a0ec4b40-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.136.188
X-Forwarded-For: 180.191.124.238
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1421bd93f236876-MNL
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 180.191.124.238
cf-ipcountry: PH
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a0ec4b40-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a0ec4b40-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.191.124.238 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSArbZnq9k6bioFx0cLRgAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782874285020189 2756 (- - -)
Stopwatch2: 1782874285020189 2756; combined=1562, p1=348, p2=1052, p3=0, p4=0, p5=106, sr=87, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a0ec4b40-Z--
--f9a8f553-A--
[01/Jul/2026:02:55:32.071441 +0000] akSBpLZnq9k6bioFx0cLewAAABE 20.153.140.50 38138 172.26.37.160 7081
--f9a8f553-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 20.153.140.50
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://sunchongfung.com/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--f9a8f553-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f9a8f553-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sunchongfung.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSBpLZnq9k6bioFx0cLewAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782874532068776 2723 (- - -)
Stopwatch2: 1782874532068776 2723; combined=814, p1=283, p2=470, p3=0, p4=0, p5=61, sr=69, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f9a8f553-Z--
--36b6ed61-A--
[01/Jul/2026:03:06:48.624765 +0000] akSESIfKP2fTo4DxoZlK5gAAAQs 172.71.214.248 35042 172.26.37.160 7081
--36b6ed61-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.71.214.248
X-Forwarded-For: 103.166.182.186
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW4xMjM0NTZhQA==
accept: application/json
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a14232653a5004b5-HKG
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.166.182.186
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--36b6ed61-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--36b6ed61-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSESIfKP2fTo4DxoZlK5gAAAQs"]
Action: Intercepted (phase 2)
Stopwatch: 1782875208621842 3828 (- - -)
Stopwatch2: 1782875208621842 3828; combined=973, p1=317, p2=605, p3=0, p4=0, p5=50, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--36b6ed61-Z--
--8bff8010-A--
[01/Jul/2026:03:11:13.615473 +0000] akSFUWQBjtrsWOLrCF4augAAAEQ 165.232.170.247 37368 172.26.37.160 7081
--8bff8010-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: contintechind.com
X-Real-IP: 165.232.170.247
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic dmluY2ktYWRtaW46QWExMjM0NTY=
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
--8bff8010-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8bff8010-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSFUWQBjtrsWOLrCF4augAAAEQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782875473612633 3361 (- - -)
Stopwatch2: 1782875473612633 3361; combined=1379, p1=822, p2=491, p3=0, p4=0, p5=65, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8bff8010-Z--
--cb560f4c-A--
[01/Jul/2026:03:13:32.599354 +0000] akSF3LZnq9k6bioFx0cOmAAAAAk 37.19.197.177 40782 172.26.37.160 7081
--cb560f4c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 37.19.197.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 292
sec-ch-ua: "Chromium";v="136", "Brave";v="136", "Not.A/Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9,uk;q=0.8,de;q=0.7,fr;q=0.6,es;q=0.5,*;q=0.4
Content-Type: text/plain; charset=utf-8
--cb560f4c-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.31
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/xml; charset=UTF-8
--cb560f4c-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOmAAAAAk"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOmAAAAAk"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/avmhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782875612093235 506204 (- - -)
Stopwatch2: 1782875612093235 506204; combined=2204, p1=690, p2=1138, p3=59, p4=41, p5=204, sr=53, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cb560f4c-Z--
--25ac3057-A--
[01/Jul/2026:03:13:32.764326 +0000] akSF3LZnq9k6bioFx0cOlgAAABA 37.19.197.177 40780 172.26.37.160 7081
--25ac3057-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 37.19.197.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 294
sec-ch-ua: "Chromium";v="136", "Brave";v="136", "Not.A/Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9,uk;q=0.8,de;q=0.7,fr;q=0.6,es;q=0.5,*;q=0.4
Content-Type: text/plain; charset=utf-8
--25ac3057-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.31
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/xml; charset=UTF-8
--25ac3057-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOlgAAABA"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOlgAAABA"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/avmhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782875612086720 677731 (- - -)
Stopwatch2: 1782875612086720 677731; combined=2383, p1=351, p2=1571, p3=80, p4=54, p5=239, sr=59, sw=88, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--25ac3057-Z--
--ee5e7805-A--
[01/Jul/2026:03:13:32.869832 +0000] akSF3BLDPx3Xe4AODnNvZAAAAI0 37.19.197.177 40794 172.26.37.160 7081
--ee5e7805-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 37.19.197.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 291
sec-ch-ua: "Chromium";v="136", "Brave";v="136", "Not.A/Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9,uk;q=0.8,de;q=0.7,fr;q=0.6,es;q=0.5,*;q=0.4
Content-Type: text/plain; charset=utf-8
--ee5e7805-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.31
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/xml; charset=UTF-8
--ee5e7805-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3BLDPx3Xe4AODnNvZAAAAI0"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3BLDPx3Xe4AODnNvZAAAAI0"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/avmhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782875612093209 776710 (- - -)
Stopwatch2: 1782875612093209 776710; combined=2330, p1=975, p2=978, p3=62, p4=38, p5=191, sr=48, sw=86, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ee5e7805-Z--
--2f7a3c06-A--
[01/Jul/2026:03:13:32.877478 +0000] akSF3LZnq9k6bioFx0cOlwAAAA0 37.19.197.177 40770 172.26.37.160 7081
--2f7a3c06-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 37.19.197.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 294
sec-ch-ua: "Chromium";v="136", "Brave";v="136", "Not.A/Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9,uk;q=0.8,de;q=0.7,fr;q=0.6,es;q=0.5,*;q=0.4
Content-Type: text/plain; charset=utf-8
--2f7a3c06-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.31
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/xml; charset=UTF-8
--2f7a3c06-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOlwAAAA0"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOlwAAAA0"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/avmhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782875612088178 789401 (- - -)
Stopwatch2: 1782875612088178 789401; combined=4086, p1=234, p2=3495, p3=54, p4=42, p5=188, sr=40, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2f7a3c06-Z--
--4b31476a-A--
[01/Jul/2026:03:13:32.902488 +0000] akSF3LZnq9k6bioFx0cOlQAAAAo 37.19.197.177 40766 172.26.37.160 7081
--4b31476a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 37.19.197.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 292
sec-ch-ua: "Chromium";v="136", "Brave";v="136", "Not.A/Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9,uk;q=0.8,de;q=0.7,fr;q=0.6,es;q=0.5,*;q=0.4
Content-Type: text/plain; charset=utf-8
--4b31476a-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.31
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/xml; charset=UTF-8
--4b31476a-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOlQAAAAo"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3LZnq9k6bioFx0cOlQAAAAo"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/avmhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782875612084280 818301 (- - -)
Stopwatch2: 1782875612084280 818301; combined=9263, p1=374, p2=8551, p3=57, p4=46, p5=168, sr=67, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4b31476a-Z--
--37169e50-A--
[01/Jul/2026:03:13:33.041769 +0000] akSF3BLDPx3Xe4AODnNvYwAAAJA 37.19.197.177 40808 172.26.37.160 7081
--37169e50-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 37.19.197.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 295
sec-ch-ua: "Chromium";v="136", "Brave";v="136", "Not.A/Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9,uk;q=0.8,de;q=0.7,fr;q=0.6,es;q=0.5,*;q=0.4
Content-Type: text/plain; charset=utf-8
--37169e50-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.31
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/xml; charset=UTF-8
--37169e50-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3BLDPx3Xe4AODnNvYwAAAJA"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3BLDPx3Xe4AODnNvYwAAAJA"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/avmhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782875612092971 948881 (- - -)
Stopwatch2: 1782875612092971 948881; combined=8012, p1=6003, p2=1633, p3=61, p4=44, p5=199, sr=50, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--37169e50-Z--
--4d0d105a-A--
[01/Jul/2026:03:13:33.110304 +0000] akSF3BLDPx3Xe4AODnNvYgAAAJc 37.19.197.177 40786 172.26.37.160 7081
--4d0d105a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 37.19.197.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 294
sec-ch-ua: "Chromium";v="136", "Brave";v="136", "Not.A/Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9,uk;q=0.8,de;q=0.7,fr;q=0.6,es;q=0.5,*;q=0.4
Content-Type: text/plain; charset=utf-8
--4d0d105a-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.31
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/xml; charset=UTF-8
--4d0d105a-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||avmhk.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3BLDPx3Xe4AODnNvYgAAAJc"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSF3BLDPx3Xe4AODnNvYgAAAJc"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/avmhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782875612092685 1017702 (- - -)
Stopwatch2: 1782875612092685 1017702; combined=17918, p1=1240, p2=16259, p3=74, p4=53, p5=203, sr=56, sw=89, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4d0d105a-Z--
--13676c01-A--
[01/Jul/2026:03:33:56.719235 +0000] akSKpLZnq9k6bioFx0cQXQAAABE 46.101.1.225 42020 172.26.37.160 7081
--13676c01-B--
GET /.env HTTP/1.1
Host: eonhk.com
X-Real-IP: 46.101.1.225
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (l9scan/2.0.834313e20343e2234313e28313; +https://leakix.net)
Accept-Encoding: gzip
--13676c01-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--13676c01-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.env"] [unique_id "akSKpLZnq9k6bioFx0cQXQAAABE"]
Action: Intercepted (phase 1)
Stopwatch: 1782876836716219 4038 (- - -)
Stopwatch2: 1782876836716219 4038; combined=654, p1=579, p2=0, p3=0, p4=0, p5=75, sr=87, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--13676c01-Z--
--90c75742-A--
[01/Jul/2026:03:34:01.004293 +0000] akSKqRLDPx3Xe4AODnNwjAAAAIo 46.101.1.225 42068 172.26.37.160 7081
--90c75742-B--
GET /.git/config HTTP/1.1
Host: eonhk.com
X-Real-IP: 46.101.1.225
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (l9scan/2.0.834313e20343e2234313e28313; +https://leakix.net)
Accept-Encoding: gzip
--90c75742-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--90c75742-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.git/config"] [unique_id "akSKqRLDPx3Xe4AODnNwjAAAAIo"]
Action: Intercepted (phase 1)
Stopwatch: 1782876841003169 1362 (- - -)
Stopwatch2: 1782876841003169 1362; combined=249, p1=195, p2=0, p3=0, p4=0, p5=54, sr=71, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--90c75742-Z--
--72fb557c-A--
[01/Jul/2026:03:34:12.655966 +0000] akSKtBLDPx3Xe4AODnNwkwAAAJA 46.101.1.225 51452 172.26.37.160 7081
--72fb557c-B--
POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.1
Host: eonhk.com
X-Real-IP: 46.101.1.225
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 164
User-Agent: Mozilla/5.0 (l9scan/2.0.834313e20343e2234313e28313; +https://leakix.net)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
--72fb557c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--72fb557c-H--
Message: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd disable_functions="" \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||eonhk.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd disable_functions=\x22\x22 \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd disable_functions=\x22\x22 \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions="" \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||eonhk.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd disable_functions=\\\\x22\\\\x22 \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions=\\\\x22\\\\x22 \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "eonhk.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "akSKtBLDPx3Xe4AODnNwkwAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782876852652875 3538 (- - -)
Stopwatch2: 1782876852652875 3538; combined=1078, p1=315, p2=678, p3=0, p4=0, p5=85, sr=68, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--72fb557c-Z--
--32a4064c-A--
[01/Jul/2026:03:34:16.835394 +0000] akSKuGQBjtrsWOLrCF4cngAAAFM 46.101.1.225 45410 172.26.37.160 7081
--32a4064c-B--
GET /trace.axd HTTP/1.1
Host: eonhk.com
X-Real-IP: 46.101.1.225
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (l9scan/2.0.834313e20343e2234313e28313; +https://leakix.net)
Accept-Encoding: gzip
--32a4064c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--32a4064c-H--
Message: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||eonhk.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||eonhk.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eonhk.com"] [uri "/trace.axd"] [unique_id "akSKuGQBjtrsWOLrCF4cngAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782876856831833 4419 (- - -)
Stopwatch2: 1782876856831833 4419; combined=1089, p1=735, p2=267, p3=0, p4=0, p5=87, sr=499, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--32a4064c-Z--
--73153215-A--
[01/Jul/2026:03:36:37.942176 +0000] akSLRRLDPx3Xe4AODnNxfwAAAJQ 88.99.102.212 60722 172.26.37.160 7081
--73153215-B--
GET /robots.txt HTTP/1.1
Host: avmhk.com
X-Real-IP: 88.99.102.212
X-Accel-Internal: /internal-nginx-static-location
Accept-Language: en-us,en-gb,en;q=0.7,*;q=0.3
Accept-Charset: utf-8,iso-8859-1;q=0.7,*;q=0.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: x-gzip, gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36/Nutch-1.21-SNAPSHOT
Proxy-Connection: Keep-Alive
--73153215-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--73153215-H--
Message: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||avmhk.com|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||avmhk.com|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "avmhk.com"] [uri "/robots.txt"] [unique_id "akSLRRLDPx3Xe4AODnNxfwAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782876997939628 4403 (- - -)
Stopwatch2: 1782876997939628 4403; combined=1101, p1=736, p2=307, p3=0, p4=0, p5=58, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--73153215-Z--
--9791442a-A--
[01/Jul/2026:03:39:28.180030 +0000] akSL8GQBjtrsWOLrCF4dTQAAAEA 193.239.176.31 51392 172.26.37.160 7081
--9791442a-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 193.239.176.31
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--9791442a-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--9791442a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akSL8GQBjtrsWOLrCF4dTQAAAEA"]
Action: Intercepted (phase 1)
Stopwatch: 1782877168179500 569 (- - -)
Stopwatch2: 1782877168179500 569; combined=254, p1=198, p2=0, p3=0, p4=0, p5=55, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9791442a-Z--
--4cba6f18-A--
[01/Jul/2026:03:43:33.681649 +0000] akSM5RLDPx3Xe4AODnNyBAAAAII 162.158.210.36 52290 172.26.37.160 7081
--4cba6f18-B--
GET /.git/HEAD HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.36
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a1426838cabad0e7-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4cba6f18-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4cba6f18-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/HEAD"] [unique_id "akSM5RLDPx3Xe4AODnNyBAAAAII"]
Action: Intercepted (phase 1)
Stopwatch: 1782877413680729 1000 (- - -)
Stopwatch2: 1782877413680729 1000; combined=309, p1=244, p2=0, p3=0, p4=0, p5=64, sr=101, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4cba6f18-Z--
--a842862b-A--
[01/Jul/2026:03:43:34.252155 +0000] akSM5hLDPx3Xe4AODnNyBQAAAIU 162.158.210.100 47564 172.26.37.160 7081
--a842862b-B--
GET /.git/config HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.100
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a142683c5f96d0e7-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a842862b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a842862b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/config"] [unique_id "akSM5hLDPx3Xe4AODnNyBQAAAIU"]
Action: Intercepted (phase 1)
Stopwatch: 1782877414251561 689 (- - -)
Stopwatch2: 1782877414251561 689; combined=251, p1=199, p2=0, p3=0, p4=0, p5=51, sr=76, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a842862b-Z--
--ccacb129-A--
[01/Jul/2026:03:43:34.473398 +0000] akSM5rZnq9k6bioFx0cSCgAAAAE 162.158.210.100 47574 172.26.37.160 7081
--ccacb129-B--
GET /.git/index HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.100
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a142683fec8cd0e7-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ccacb129-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ccacb129-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/index"] [unique_id "akSM5rZnq9k6bioFx0cSCgAAAAE"]
Action: Intercepted (phase 1)
Stopwatch: 1782877414472774 698 (- - -)
Stopwatch2: 1782877414472774 698; combined=288, p1=232, p2=0, p3=0, p4=0, p5=56, sr=77, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ccacb129-Z--
--73235421-A--
[01/Jul/2026:03:43:34.696554 +0000] akSM5hLDPx3Xe4AODnNyBgAAAJc 162.158.210.100 47576 172.26.37.160 7081
--73235421-B--
GET /.git/logs/HEAD HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.100
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a14268414e54d0e7-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--73235421-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--73235421-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/logs/HEAD"] [unique_id "akSM5hLDPx3Xe4AODnNyBgAAAJc"]
Action: Intercepted (phase 1)
Stopwatch: 1782877414695951 672 (- - -)
Stopwatch2: 1782877414695951 672; combined=248, p1=197, p2=0, p3=0, p4=0, p5=50, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--73235421-Z--
--544b7a54-A--
[01/Jul/2026:03:43:35.371235 +0000] akSM57Znq9k6bioFx0cSCwAAAAQ 162.158.210.36 47592 172.26.37.160 7081
--544b7a54-B--
GET /.git/HEAD HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.36
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14268458c27d0e7-SOF
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
accept-encoding: gzip, br
referer: http://airvenushk.com/.git/HEAD
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--544b7a54-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--544b7a54-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/HEAD"] [unique_id "akSM57Znq9k6bioFx0cSCwAAAAQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782877415369867 1463 (- - -)
Stopwatch2: 1782877415369867 1463; combined=235, p1=179, p2=0, p3=0, p4=0, p5=55, sr=74, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--544b7a54-Z--
--89d59244-A--
[01/Jul/2026:03:43:35.818337 +0000] akSM52QBjtrsWOLrCF4dkwAAAFQ 162.158.210.36 47604 172.26.37.160 7081
--89d59244-B--
GET /.git/config HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.36
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1426848486dd0e7-SOF
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
accept-encoding: gzip, br
referer: http://airvenushk.com/.git/config
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--89d59244-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--89d59244-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/config"] [unique_id "akSM52QBjtrsWOLrCF4dkwAAAFQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782877415817573 855 (- - -)
Stopwatch2: 1782877415817573 855; combined=248, p1=180, p2=0, p3=0, p4=0, p5=67, sr=75, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--89d59244-Z--
--1880265b-A--
[01/Jul/2026:03:43:36.281041 +0000] akSM6LZnq9k6bioFx0cSDAAAAAc 162.158.210.36 47632 172.26.37.160 7081
--1880265b-B--
GET /.git/index HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.36
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a142684b3be6d0e7-SOF
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
accept-encoding: gzip, br
referer: http://airvenushk.com/.git/index
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1880265b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1880265b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/index"] [unique_id "akSM6LZnq9k6bioFx0cSDAAAAAc"]
Action: Intercepted (phase 1)
Stopwatch: 1782877416278357 3285 (- - -)
Stopwatch2: 1782877416278357 3285; combined=236, p1=187, p2=0, p3=0, p4=0, p5=48, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1880265b-Z--
--092ef104-A--
[01/Jul/2026:03:43:36.730091 +0000] akSM6BLDPx3Xe4AODnNyBwAAAIQ 162.158.210.36 47654 172.26.37.160 7081
--092ef104-B--
GET /.git/logs/HEAD HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.36
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a142684e0823d0e7-SOF
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
accept-encoding: gzip, br
referer: http://airvenushk.com/.git/logs/HEAD
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--092ef104-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--092ef104-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.git/logs/HEAD"] [unique_id "akSM6BLDPx3Xe4AODnNyBwAAAIQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782877416729048 2374 (- - -)
Stopwatch2: 1782877416729048 2374; combined=692, p1=641, p2=0, p3=0, p4=0, p5=50, sr=74, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--092ef104-Z--
--ac3e7e0a-A--
[01/Jul/2026:03:50:28.165208 +0000] akSOhGQBjtrsWOLrCF4d2gAAAE4 85.11.167.118 39674 172.26.37.160 7081
--ac3e7e0a-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: eonhk.com
X-Real-IP: 85.11.167.118
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-US,en;q=0.9,de;q=0.8
DNT: 1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Cache-Control: no-cache
Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="120", "Google Chrome";v="120"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Windows"
Cookie: wordpress_test_cookie=WP%20Cookie%20check
--ac3e7e0a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ac3e7e0a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eonhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSOhGQBjtrsWOLrCF4d2gAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782877828161384 3915 (- - -)
Stopwatch2: 1782877828161384 3915; combined=1498, p1=289, p2=1144, p3=0, p4=0, p5=64, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ac3e7e0a-Z--
--7048755d-A--
[01/Jul/2026:03:51:23.083225 +0000] akSOu7Znq9k6bioFx0cSfgAAAAc 162.158.210.202 35130 172.26.37.160 7081
--7048755d-B--
GET /.env.local HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.202
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a14273aeafa5d0d4-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7048755d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7048755d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.env.local"] [unique_id "akSOu7Znq9k6bioFx0cSfgAAAAc"]
Action: Intercepted (phase 1)
Stopwatch: 1782877883082400 918 (- - -)
Stopwatch2: 1782877883082400 918; combined=256, p1=192, p2=0, p3=0, p4=0, p5=61, sr=84, sw=3, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7048755d-Z--
--cc250b4e-A--
[01/Jul/2026:03:51:23.161907 +0000] akSOu7Znq9k6bioFx0cSfwAAABE 162.158.210.202 35144 172.26.37.160 7081
--cc250b4e-B--
GET /.env HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.202
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a14273b13fb3d0e3-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--cc250b4e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cc250b4e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.env"] [unique_id "akSOu7Znq9k6bioFx0cSfwAAABE"]
Action: Intercepted (phase 1)
Stopwatch: 1782877883161056 949 (- - -)
Stopwatch2: 1782877883161056 949; combined=257, p1=178, p2=0, p3=0, p4=0, p5=78, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cc250b4e-Z--
--ce369356-A--
[01/Jul/2026:03:51:23.401292 +0000] akSOu7Znq9k6bioFx0cSgAAAAAY 162.158.210.202 35146 172.26.37.160 7081
--ce369356-B--
GET /.env.example HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.202
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a14273b2aa877141-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ce369356-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ce369356-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.env.example"] [unique_id "akSOu7Znq9k6bioFx0cSgAAAAAY"]
Action: Intercepted (phase 1)
Stopwatch: 1782877883400688 882 (- - -)
Stopwatch2: 1782877883400688 882; combined=251, p1=201, p2=0, p3=0, p4=0, p5=49, sr=97, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ce369356-Z--
--4a311b7a-A--
[01/Jul/2026:03:51:25.475363 +0000] akSOvbZnq9k6bioFx0cSgQAAAA4 162.158.210.202 53272 172.26.37.160 7081
--4a311b7a-B--
GET /.env.production HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.202
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a14273bfaf15d0e3-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4a311b7a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4a311b7a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.env.production"] [unique_id "akSOvbZnq9k6bioFx0cSgQAAAA4"]
Action: Intercepted (phase 1)
Stopwatch: 1782877885474511 940 (- - -)
Stopwatch2: 1782877885474511 940; combined=256, p1=191, p2=0, p3=0, p4=0, p5=64, sr=88, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4a311b7a-Z--
--9104655b-A--
[01/Jul/2026:03:51:27.807916 +0000] akSOvxLDPx3Xe4AODnNyRgAAAJc 162.158.210.202 53278 172.26.37.160 7081
--9104655b-B--
GET /.env.backup HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.202
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a14273ce38c6d0ef-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9104655b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9104655b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.env.backup"] [unique_id "akSOvxLDPx3Xe4AODnNyRgAAAJc"]
Action: Intercepted (phase 1)
Stopwatch: 1782877887806335 1670 (- - -)
Stopwatch2: 1782877887806335 1670; combined=242, p1=190, p2=0, p3=0, p4=0, p5=51, sr=74, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9104655b-Z--
--0db7122c-A--
[01/Jul/2026:03:51:27.835934 +0000] akSOv2QBjtrsWOLrCF4d5wAAAEc 162.158.210.202 53294 172.26.37.160 7081
--0db7122c-B--
GET /.env.old HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.210.202
X-Forwarded-For: 158.94.210.233
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
cf-ray: a14273ce686ed0e4-SOF
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 158.94.210.233
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0db7122c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0db7122c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/.env.old"] [unique_id "akSOv2QBjtrsWOLrCF4d5wAAAEc"]
Action: Intercepted (phase 1)
Stopwatch: 1782877887835327 707 (- - -)
Stopwatch2: 1782877887835327 707; combined=268, p1=183, p2=0, p3=0, p4=0, p5=84, sr=74, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0db7122c-Z--
--3df93162-A--
[01/Jul/2026:03:52:41.883059 +0000] akSPCbZnq9k6bioFx0cSkwAAAAg 138.199.60.14 41354 172.26.37.160 7081
--3df93162-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 138.199.60.14
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:121.0) Gecko/20100101 Firefox/121.0
Accept-Encoding: gzip, deflate, br
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-US,en;q=0.9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Referer: https://t.co/
Cookie: wordpress_test_cookie=WP%20Cookie%20check
--3df93162-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3df93162-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users"] [unique_id "akSPCbZnq9k6bioFx0cSkwAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782877961880043 3098 (- - -)
Stopwatch2: 1782877961880043 3098; combined=1545, p1=332, p2=813, p3=0, p4=0, p5=399, sr=77, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3df93162-Z--
--02c32d45-A--
[01/Jul/2026:03:55:14.362530 +0000] akSPomQBjtrsWOLrCF4eFAAAAFA 162.0.226.2 48434 172.26.37.160 7081
--02c32d45-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: avmhk.com
X-Real-IP: 162.0.226.2
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46QWRtaW4yMDIyIQ==
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--02c32d45-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--02c32d45-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSPomQBjtrsWOLrCF4eFAAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782878114359970 2628 (- - -)
Stopwatch2: 1782878114359970 2628; combined=863, p1=312, p2=482, p3=0, p4=0, p5=69, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--02c32d45-Z--
--58f9f440-A--
[01/Jul/2026:04:10:21.381193 +0000] akSTKxLDPx3Xe4AODnN1IgAAAIk 34.118.67.162 54368 172.26.37.160 7081
--58f9f440-B--
GET /wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 34.118.67.162
X-Accel-Internal: /internal-nginx-static-location
pragma: no-cache
cache-control: no-cache
user-agent: Mozilla/5.0 (iPhone13,2; U; CPU iPhone OS 14_0 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/15E148 Safari/602.1
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br
priority: u=0
--58f9f440-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
Last-Modified: Tue, 10 Dec 2024 10:29:06 GMT
ETag: "289-628e7f3606080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 303
Content-Type: text/css
--58f9f440-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "172.71.124.61_ae2de548acc5f7bfee66f1eca77784a02a802ddd"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "172.71.124.61_ae2de548acc5f7bfee66f1eca77784a02a802ddd"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css"] [unique_id "akSTKxLDPx3Xe4AODnN1IgAAAIk"]
Stopwatch: 1782879019650156 1731120 (- - -)
Stopwatch2: 1782879019650156 1731120; combined=3409479, p1=244, p2=1670, p3=36, p4=22, p5=1703815, sr=72, sw=1, l=0, gc=1703691
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--58f9f440-Z--
--b5a62317-A--
[01/Jul/2026:04:16:07.952539 +0000] akSUh3deNr8w1n3AFEzETAAAAFE 113.160.142.119 44748 172.26.37.160 7081
--b5a62317-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 113.160.142.119
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://sunchongfung.com/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--b5a62317-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b5a62317-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sunchongfung.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSUh3deNr8w1n3AFEzETAAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782879367949474 3133 (- - -)
Stopwatch2: 1782879367949474 3133; combined=1751, p1=313, p2=1119, p3=0, p4=0, p5=318, sr=76, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b5a62317-Z--
--5a669c4c-A--
[01/Jul/2026:04:16:08.242977 +0000] akSUiBLDPx3Xe4AODnN2QwAAAJM 172.68.164.138 44760 172.26.37.160 7081
--5a669c4c-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 172.68.164.138
X-Forwarded-For: 103.127.30.137
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWlyLXZlbnVzOmFpci12ZW51c0AyMDIy
accept: application/json
user-agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a14297f34c10f8c6-SIN
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.127.30.137
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5a669c4c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5a669c4c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSUiBLDPx3Xe4AODnN2QwAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782879368238791 5312 (- - -)
Stopwatch2: 1782879368238791 5312; combined=1380, p1=321, p2=584, p3=0, p4=0, p5=474, sr=104, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5a669c4c-Z--
--83fdfb25-A--
[01/Jul/2026:04:20:28.597189 +0000] akSVjBLDPx3Xe4AODnN2cwAAAI0 178.156.206.238 51736 172.26.37.160 7081
--83fdfb25-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 178.156.206.238
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://preemptivestrategies.hk/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--83fdfb25-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--83fdfb25-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSVjBLDPx3Xe4AODnN2cwAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782879628593884 5273 (- - -)
Stopwatch2: 1782879628593884 5273; combined=847, p1=303, p2=483, p3=0, p4=0, p5=60, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--83fdfb25-Z--
--a3545d7e-A--
[01/Jul/2026:04:20:43.662080 +0000] akSVmxLDPx3Xe4AODnN2fAAAAIg 142.93.127.245 42294 172.26.37.160 7080
--a3545d7e-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--a3545d7e-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--a3545d7e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akSVmxLDPx3Xe4AODnN2fAAAAIg"]
Action: Intercepted (phase 1)
Stopwatch: 1782879643661574 545 (- - -)
Stopwatch2: 1782879643661574 545; combined=254, p1=194, p2=0, p3=0, p4=0, p5=60, sr=82, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a3545d7e-Z--
--3fbbe758-A--
[01/Jul/2026:04:20:50.742835 +0000] akSVondeNr8w1n3AFEzEmQAAAEo 142.93.127.245 38596 172.26.37.160 7081
--3fbbe758-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--3fbbe758-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--3fbbe758-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akSVondeNr8w1n3AFEzEmQAAAEo"]
Action: Intercepted (phase 1)
Stopwatch: 1782879650742292 583 (- - -)
Stopwatch2: 1782879650742292 583; combined=302, p1=217, p2=0, p3=0, p4=0, p5=84, sr=77, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3fbbe758-Z--
--749ed950-A--
[01/Jul/2026:04:47:22.909932 +0000] akSb2iYJJL15H5gxDsHtfwAAAMk 162.158.108.66 56224 172.26.37.160 7081
--749ed950-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.66
X-Forwarded-For: 103.59.161.173
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
sec-fetch-mode: navigate
sec-fetch-site: cross-site
pragma: no-cache
cf-ray: a142c5b81cb6fd27-SIN
sec-fetch-user: ?1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15
accept-encoding: gzip, br
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
accept-language: en-US,en;q=0.8,es;q=0.6
upgrade-insecure-requests: 1
sec-fetch-dest: document
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.59.161.173
cf-ipcountry: ID
cf-visitor: {"scheme":"https"}
cookie: wordpress_test_cookie=WP%20Cookie%20check
--749ed950-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--749ed950-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "simottodesign.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSb2iYJJL15H5gxDsHtfwAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782881242906827 3201 (- - -)
Stopwatch2: 1782881242906827 3201; combined=1548, p1=691, p2=807, p3=0, p4=0, p5=49, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--749ed950-Z--
--0de16333-A--
[01/Jul/2026:05:01:17.700863 +0000] akSfHXdeNr8w1n3AFEzHRgAAAEU 197.234.243.122 43898 172.26.37.160 7081
--0de16333-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: airvenushk.com
X-Real-IP: 197.234.243.122
X-Forwarded-For: 105.245.118.91
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, br
accept: */*
user-agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
accept-language: en-US
cf-ray: a142da143851bc14-JNB
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 105.245.118.91
cf-ipcountry: ZA
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0de16333-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0de16333-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "airvenushk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSfHXdeNr8w1n3AFEzHRgAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782882077696557 7352 (- - -)
Stopwatch2: 1782882077696557 7352; combined=2091, p1=363, p2=1673, p3=0, p4=0, p5=54, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0de16333-Z--
--253bb048-A--
[01/Jul/2026:05:04:50.693901 +0000] akSf8iYJJL15H5gxDsHuiwAAANA 172.71.147.33 50166 172.26.37.160 7081
--253bb048-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.71.147.33
X-Forwarded-For: 45.145.128.221
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
sec-fetch-mode: navigate
sec-fetch-site: none
user-agent: Go-http-client/1.1
upgrade-insecure-requests: 1
cf-ray: a142df4a0b8ab12c-SEA
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, br
accept-language: en-US,en;q=0.9
cache-control: max-age=0
sec-ch-ua: "Not_A Brand";v="8", "Chromium";v="120"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: document
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 45.145.128.221
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
--253bb048-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--253bb048-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||immunehk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||immunehk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "immunehk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSf8iYJJL15H5gxDsHuiwAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782882290691779 2242 (- - -)
Stopwatch2: 1782882290691779 2242; combined=1025, p1=307, p2=669, p3=0, p4=0, p5=48, sr=74, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--253bb048-Z--
--9e818a7c-A--
[01/Jul/2026:05:07:24.743117 +0000] akSgjHdeNr8w1n3AFEzHtQAAAFg 43.129.169.161 56620 172.26.37.160 7080
--9e818a7c-B--
HEAD /Core/Skin/Login.aspx HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 43.129.169.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: no-cache
Pragma: no-cache
Proxy-Connection: keep-alive
--9e818a7c-F--
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=iso-8859-1
--9e818a7c-H--
Message: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/Core/Skin/Login.aspx"] [unique_id "akSgjHdeNr8w1n3AFEzHtQAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782882444741196 1969 (- - -)
Stopwatch2: 1782882444741196 1969; combined=735, p1=371, p2=310, p3=0, p4=0, p5=54, sr=143, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9e818a7c-Z--
--5b2c7e5a-A--
[01/Jul/2026:05:07:41.162261 +0000] akSgnSYJJL15H5gxDsHu4wAAANE 172.69.166.124 43116 172.26.37.160 7081
--5b2c7e5a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142e3762ad59b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5b2c7e5a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5b2c7e5a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSgnSYJJL15H5gxDsHu4wAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782882461159010 3329 (- - -)
Stopwatch2: 1782882461159010 3329; combined=2156, p1=369, p2=1622, p3=0, p4=0, p5=108, sr=77, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5b2c7e5a-Z--
--d19b9f18-A--
[01/Jul/2026:05:09:06.854103 +0000] akSg8ndeNr8w1n3AFEzIOAAAAFM 172.69.166.124 54156 172.26.37.160 7081
--d19b9f18-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142e58dba349b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--d19b9f18-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d19b9f18-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSg8ndeNr8w1n3AFEzIOAAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782882546851054 3127 (- - -)
Stopwatch2: 1782882546851054 3127; combined=1982, p1=734, p2=1076, p3=0, p4=0, p5=110, sr=85, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d19b9f18-Z--
--c91a2072-A--
[01/Jul/2026:05:09:38.812800 +0000] akShEiYJJL15H5gxDsHvbAAAAMg 172.69.166.124 55576 172.26.37.160 7081
--c91a2072-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142e6558f829b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c91a2072-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c91a2072-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akShEiYJJL15H5gxDsHvbAAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782882578809147 3737 (- - -)
Stopwatch2: 1782882578809147 3737; combined=1882, p1=315, p2=1388, p3=0, p4=0, p5=116, sr=73, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c91a2072-Z--
--701bbf48-A--
[01/Jul/2026:05:10:10.720096 +0000] akShMod7AzrIhCzMcGZRtAAAABM 172.69.166.124 34686 172.26.37.160 7081
--701bbf48-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 727
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142e71cefcf9b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--701bbf48-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--701bbf48-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akShMod7AzrIhCzMcGZRtAAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782882610716818 3362 (- - -)
Stopwatch2: 1782882610716818 3362; combined=2085, p1=794, p2=1118, p3=0, p4=0, p5=111, sr=75, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--701bbf48-Z--
--88258055-A--
[01/Jul/2026:05:10:53.108267 +0000] akShXXdeNr8w1n3AFEzJmgAAAE8 172.69.166.124 48400 172.26.37.160 7081
--88258055-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142e825c9919b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--88258055-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--88258055-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akShXXdeNr8w1n3AFEzJmgAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782882653104295 4053 (- - -)
Stopwatch2: 1782882653104295 4053; combined=1905, p1=568, p2=1109, p3=0, p4=0, p5=157, sr=81, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--88258055-Z--
--e853047e-A--
[01/Jul/2026:05:11:24.965170 +0000] akShfId7AzrIhCzMcGZSFwAAAAI 172.69.166.124 36788 172.26.37.160 7081
--e853047e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 727
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142e8ecea069b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e853047e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e853047e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akShfId7AzrIhCzMcGZSFwAAAAI"]
Action: Intercepted (phase 2)
Stopwatch: 1782882684961147 4107 (- - -)
Stopwatch2: 1782882684961147 4107; combined=1542, p1=318, p2=1040, p3=0, p4=0, p5=122, sr=74, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e853047e-Z--
--4b90f237-A--
[01/Jul/2026:05:12:28.658190 +0000] akShvCYJJL15H5gxDsHxNgAAANI 172.69.166.124 45870 172.26.37.160 7081
--4b90f237-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 737
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142ea7b09029b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4b90f237-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4b90f237-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akShvCYJJL15H5gxDsHxNgAAANI"]
Action: Intercepted (phase 2)
Stopwatch: 1782882748653115 6117 (- - -)
Stopwatch2: 1782882748653115 6117; combined=1638, p1=359, p2=1101, p3=0, p4=0, p5=116, sr=76, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4b90f237-Z--
--7ca41f12-A--
[01/Jul/2026:05:13:11.155140 +0000] akSh53deNr8w1n3AFEzKDAAAAEY 172.69.166.124 47270 172.26.37.160 7081
--7ca41f12-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 728
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142eb84aad89b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7ca41f12-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7ca41f12-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSh53deNr8w1n3AFEzKDAAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782882791151674 3574 (- - -)
Stopwatch2: 1782882791151674 3574; combined=1664, p1=407, p2=1075, p3=0, p4=0, p5=119, sr=138, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7ca41f12-Z--
--ac0c1672-A--
[01/Jul/2026:05:13:43.014180 +0000] akSiB4d7AzrIhCzMcGZS-gAAABE 172.69.166.124 47700 172.26.37.160 7081
--ac0c1672-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142ec4bbbad9b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ac0c1672-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ac0c1672-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSiB4d7AzrIhCzMcGZS-gAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782882823010740 3548 (- - -)
Stopwatch2: 1782882823010740 3548; combined=1714, p1=342, p2=1113, p3=0, p4=0, p5=177, sr=75, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ac0c1672-Z--
--6d519d51-A--
[01/Jul/2026:05:14:25.492466 +0000] akSiMXdeNr8w1n3AFEzKkgAAAFU 172.69.166.124 44458 172.26.37.160 7081
--6d519d51-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142ed553daa9b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6d519d51-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6d519d51-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSiMXdeNr8w1n3AFEzKkgAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782882865489546 3005 (- - -)
Stopwatch2: 1782882865489546 3005; combined=1607, p1=355, p2=1060, p3=0, p4=0, p5=129, sr=99, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6d519d51-Z--
--af69c708-A--
[01/Jul/2026:05:14:57.331802 +0000] akSiUYd7AzrIhCzMcGZTFQAAAAE 172.69.166.124 45982 172.26.37.160 7081
--af69c708-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142ee1c3e959b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--af69c708-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--af69c708-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSiUYd7AzrIhCzMcGZTFQAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782882897326354 6488 (- - -)
Stopwatch2: 1782882897326354 6488; combined=4118, p1=1813, p2=2095, p3=0, p4=0, p5=132, sr=70, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--af69c708-Z--
--c995d352-A--
[01/Jul/2026:05:16:11.685324 +0000] akSim4d7AzrIhCzMcGZTOQAAABM 172.69.166.124 60694 172.26.37.160 7081
--c995d352-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142efecec239b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c995d352-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c995d352-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSim4d7AzrIhCzMcGZTOQAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782882971681679 3762 (- - -)
Stopwatch2: 1782882971681679 3762; combined=2506, p1=365, p2=1979, p3=0, p4=0, p5=105, sr=87, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c995d352-Z--
--4487152a-A--
[01/Jul/2026:05:16:54.210065 +0000] akSixiYJJL15H5gxDsHx7QAAAMI 172.69.166.124 34558 172.26.37.160 7081
--4487152a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 731
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f0f6ba659b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4487152a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4487152a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSixiYJJL15H5gxDsHx7QAAAMI"]
Action: Intercepted (phase 2)
Stopwatch: 1782883014205508 4638 (- - -)
Stopwatch2: 1782883014205508 4638; combined=1835, p1=328, p2=1322, p3=0, p4=0, p5=120, sr=72, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4487152a-Z--
--b68da827-A--
[01/Jul/2026:05:18:29.732252 +0000] akSjJSYJJL15H5gxDsHx-QAAAM4 172.69.166.124 58624 172.26.37.160 7081
--b68da827-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f34bb9469b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b68da827-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b68da827-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSjJSYJJL15H5gxDsHx-QAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782883109728356 3987 (- - -)
Stopwatch2: 1782883109728356 3987; combined=2093, p1=317, p2=1578, p3=0, p4=0, p5=135, sr=69, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b68da827-Z--
--77c6fe01-A--
[01/Jul/2026:05:18:51.027160 +0000] akSjO4d7AzrIhCzMcGZTbwAAABc 172.69.166.124 58990 172.26.37.160 7081
--77c6fe01-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 728
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f3d0dc849b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--77c6fe01-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--77c6fe01-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSjO4d7AzrIhCzMcGZTbwAAABc"]
Action: Intercepted (phase 2)
Stopwatch: 1782883131023183 4059 (- - -)
Stopwatch2: 1782883131023183 4059; combined=2343, p1=348, p2=1095, p3=0, p4=0, p5=498, sr=78, sw=402, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--77c6fe01-Z--
--d9ad1c4a-A--
[01/Jul/2026:05:19:44.365340 +0000] akSjcId7AzrIhCzMcGZTtwAAABQ 172.69.166.124 34426 172.26.37.160 7081
--d9ad1c4a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f51e39539b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--d9ad1c4a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d9ad1c4a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSjcId7AzrIhCzMcGZTtwAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782883184362536 2930 (- - -)
Stopwatch2: 1782883184362536 2930; combined=1629, p1=355, p2=1108, p3=0, p4=0, p5=108, sr=82, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d9ad1c4a-Z--
--30b9fb19-A--
[01/Jul/2026:05:20:26.802919 +0000] akSjmiYJJL15H5gxDsHyMAAAAM4 172.69.166.124 42930 172.26.37.160 7081
--30b9fb19-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f6276a8a9b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--30b9fb19-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--30b9fb19-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSjmiYJJL15H5gxDsHyMAAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782883226799163 4241 (- - -)
Stopwatch2: 1782883226799163 4241; combined=1676, p1=377, p2=1106, p3=0, p4=0, p5=127, sr=75, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--30b9fb19-Z--
--e46e6203-A--
[01/Jul/2026:05:20:48.034382 +0000] akSjsCYJJL15H5gxDsHyNQAAANU 172.69.166.124 40232 172.26.37.160 7081
--e46e6203-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f6ac2f649b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e46e6203-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e46e6203-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSjsCYJJL15H5gxDsHyNQAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782883248031517 2951 (- - -)
Stopwatch2: 1782883248031517 2951; combined=1594, p1=324, p2=1100, p3=0, p4=0, p5=112, sr=74, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e46e6203-Z--
--c5529a6f-A--
[01/Jul/2026:05:21:51.904010 +0000] akSj73deNr8w1n3AFEzLIwAAAEo 172.69.166.124 52842 172.26.37.160 7081
--c5529a6f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f83b4b9f9b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c5529a6f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c5529a6f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSj73deNr8w1n3AFEzLIwAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782883311901071 3026 (- - -)
Stopwatch2: 1782883311901071 3026; combined=1619, p1=319, p2=1113, p3=0, p4=0, p5=127, sr=77, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c5529a6f-Z--
--5f548478-A--
[01/Jul/2026:05:22:13.011355 +0000] akSkBYd7AzrIhCzMcGZT@AAAAAc 172.69.166.124 34530 172.26.37.160 7081
--5f548478-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142f8bf3a399b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5f548478-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5f548478-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSkBYd7AzrIhCzMcGZT@AAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782883333006264 5183 (- - -)
Stopwatch2: 1782883333006264 5183; combined=3765, p1=1867, p2=1719, p3=0, p4=0, p5=117, sr=74, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5f548478-Z--
--eaaf6d09-A--
[01/Jul/2026:05:23:37.902988 +0000] akSkWSYJJL15H5gxDsHyWQAAANM 172.69.166.124 58824 172.26.37.160 7081
--eaaf6d09-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142fad1ce539b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--eaaf6d09-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--eaaf6d09-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSkWSYJJL15H5gxDsHyWQAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782883417897908 5209 (- - -)
Stopwatch2: 1782883417897908 5209; combined=2446, p1=436, p2=1734, p3=0, p4=0, p5=180, sr=90, sw=96, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--eaaf6d09-Z--
--73603d1e-A--
[01/Jul/2026:05:24:20.459279 +0000] akSkhHdeNr8w1n3AFEzLQQAAAEk 172.69.166.124 60510 172.26.37.160 7081
--73603d1e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142fbdbca3e9b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--73603d1e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--73603d1e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSkhHdeNr8w1n3AFEzLQQAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782883460455434 4982 (- - -)
Stopwatch2: 1782883460455434 4982; combined=2285, p1=806, p2=1302, p3=0, p4=0, p5=120, sr=87, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--73603d1e-Z--
--c0ff876c-A--
[01/Jul/2026:05:24:52.613783 +0000] akSkpId7AzrIhCzMcGZUJQAAAA4 162.158.108.67 34686 172.26.37.160 7081
--c0ff876c-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a142fca4bfeefce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c0ff876c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c0ff876c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSkpId7AzrIhCzMcGZUJQAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782883492610858 3004 (- - -)
Stopwatch2: 1782883492610858 3004; combined=1690, p1=362, p2=1111, p3=0, p4=0, p5=135, sr=83, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c0ff876c-Z--
--726fc86e-A--
[01/Jul/2026:05:25:03.399852 +0000] akSkr4d7AzrIhCzMcGZUKgAAAAY 162.158.108.67 53874 172.26.37.160 7081
--726fc86e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a142fce828bbfce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--726fc86e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--726fc86e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSkr4d7AzrIhCzMcGZUKgAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782883503396918 3017 (- - -)
Stopwatch2: 1782883503396918 3017; combined=1555, p1=306, p2=1085, p3=0, p4=0, p5=107, sr=68, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--726fc86e-Z--
--28e87668-A--
[01/Jul/2026:05:25:24.109651 +0000] akSkxHdeNr8w1n3AFEzLWQAAAFU 172.69.166.124 37100 172.26.37.160 7081
--28e87668-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142fd699ab09b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--28e87668-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--28e87668-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSkxHdeNr8w1n3AFEzLWQAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782883524105861 3905 (- - -)
Stopwatch2: 1782883524105861 3905; combined=2356, p1=1076, p2=1117, p3=0, p4=0, p5=109, sr=68, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--28e87668-Z--
--ea4eec0a-A--
[01/Jul/2026:05:25:55.955281 +0000] akSk44d7AzrIhCzMcGZUPgAAABc 172.69.166.124 42606 172.26.37.160 7081
--ea4eec0a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a142fe30ab589b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ea4eec0a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ea4eec0a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSk44d7AzrIhCzMcGZUPgAAABc"]
Action: Intercepted (phase 2)
Stopwatch: 1782883555951447 3921 (- - -)
Stopwatch2: 1782883555951447 3921; combined=1653, p1=347, p2=1111, p3=0, p4=0, p5=131, sr=82, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ea4eec0a-Z--
--92db640c-A--
[01/Jul/2026:05:26:07.869169 +0000] akSk74d7AzrIhCzMcGZUQAAAAAE 162.158.108.67 55126 172.26.37.160 7081
--92db640c-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a142fe7b1ea1fce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--92db640c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--92db640c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSk74d7AzrIhCzMcGZUQAAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782883567865953 3321 (- - -)
Stopwatch2: 1782883567865953 3321; combined=2081, p1=753, p2=1080, p3=0, p4=0, p5=166, sr=87, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--92db640c-Z--
--5797e25a-A--
[01/Jul/2026:05:26:18.455101 +0000] akSk@od7AzrIhCzMcGZURAAAABA 162.158.108.67 38446 172.26.37.160 7081
--5797e25a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a142febd3c99fce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5797e25a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5797e25a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSk@od7AzrIhCzMcGZURAAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782883578451626 3553 (- - -)
Stopwatch2: 1782883578451626 3553; combined=2413, p1=338, p2=1909, p3=0, p4=0, p5=108, sr=79, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5797e25a-Z--
--f6e1563a-A--
[01/Jul/2026:05:27:21.175662 +0000] akSlOXdeNr8w1n3AFEzLdgAAAFU 172.69.166.124 48992 172.26.37.160 7081
--f6e1563a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a143004538d89b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f6e1563a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f6e1563a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSlOXdeNr8w1n3AFEzLdgAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782883641171651 4127 (- - -)
Stopwatch2: 1782883641171651 4127; combined=2004, p1=356, p2=1427, p3=0, p4=0, p5=140, sr=70, sw=81, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f6e1563a-Z--
--124a5e11-A--
[01/Jul/2026:05:27:33.253825 +0000] akSlRSYJJL15H5gxDsHyfgAAANE 162.158.108.67 44688 172.26.37.160 7081
--124a5e11-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a1430090b9e6fce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--124a5e11-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--124a5e11-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSlRSYJJL15H5gxDsHyfgAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782883653250755 3174 (- - -)
Stopwatch2: 1782883653250755 3174; combined=2006, p1=681, p2=1095, p3=0, p4=0, p5=141, sr=85, sw=89, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--124a5e11-Z--
--d8b93278-A--
[01/Jul/2026:05:27:42.468273 +0000] akSlTiYJJL15H5gxDsHyggAAAMM 172.69.166.124 35316 172.26.37.160 7081
--d8b93278-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.166.124
X-Forwarded-For: 2401:4900:891e:9431:8d9f:afac:d360:ac16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.7,mr;q=0.3
cf-ray: a14300ca49099b96-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2401:4900:891e:9431:8d9f:afac:d360:ac16
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--d8b93278-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d8b93278-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.69.166.124 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSlTiYJJL15H5gxDsHyggAAAMM"]
Action: Intercepted (phase 2)
Stopwatch: 1782883662464653 3720 (- - -)
Stopwatch2: 1782883662464653 3720; combined=2440, p1=474, p2=1744, p3=0, p4=0, p5=146, sr=107, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d8b93278-Z--
--7f485e47-A--
[01/Jul/2026:05:28:05.114937 +0000] akSlZXdeNr8w1n3AFEzLfQAAAE4 162.158.108.67 59256 172.26.37.160 7081
--7f485e47-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1430157ef85fce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7f485e47-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7f485e47-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSlZXdeNr8w1n3AFEzLfQAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782883685111329 3693 (- - -)
Stopwatch2: 1782883685111329 3693; combined=2030, p1=327, p2=1514, p3=0, p4=0, p5=127, sr=84, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7f485e47-Z--
--4f5bfd4c-A--
[01/Jul/2026:05:28:43.346175 +0000] akSliXdeNr8w1n3AFEzLkQAAAEc 47.128.115.140 42480 172.26.37.160 7081
--4f5bfd4c-B--
GET /wp-content/uploads/2025/04/20250513b3-430x430.jpg HTTP/1.1
Host: eonhk.com
X-Real-IP: 47.128.115.140
X-Accel-Internal: /internal-nginx-static-location
accept-language: en-US,en;q=0.5
user-agent: Mozilla/5.0 (compatible; Bytespider; [email protected]) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36
accept: image/heif,image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eonhk.com/shop/page/51/?per_page=9&per_row=4&shop_view=grid
accept-encoding: identity
range: bytes=0-499
priority: u=1, i
cookie: shop_per_page=9; shop_view=grid; shop_per_row=4
--4f5bfd4c-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/uploads/2025/04/20250513b3-430x430.jpg
Content-Length: 0
Content-Type: image/jpeg
--4f5bfd4c-E--
--4f5bfd4c-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "105.245.118.91_62582728fc49e210e12ea58c2ed917fd4f33f677"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "105.245.118.91_62582728fc49e210e12ea58c2ed917fd4f33f677"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/uploads/2025/04/20250513b3-430x430.jpg"] [unique_id "akSliXdeNr8w1n3AFEzLkQAAAEc"]
Stopwatch: 1782883721932742 1414061 (- - -)
Stopwatch2: 1782883721932742 1414061; combined=2821273, p1=349, p2=1669, p3=28, p4=24, p5=1409618, sr=73, sw=1, l=0, gc=1409584
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4f5bfd4c-Z--
--b818a02b-A--
[01/Jul/2026:05:28:47.866168 +0000] akSlj4d7AzrIhCzMcGZUeQAAAAQ 162.158.108.67 42422 172.26.37.160 7081
--b818a02b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a14302631bfffce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b818a02b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b818a02b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSlj4d7AzrIhCzMcGZUeQAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782883727863478 2768 (- - -)
Stopwatch2: 1782883727863478 2768; combined=1609, p1=354, p2=1091, p3=0, p4=0, p5=106, sr=86, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b818a02b-Z--
--8f11015e-A--
[01/Jul/2026:05:28:51.051626 +0000] akSlk3deNr8w1n3AFEzLlQAAAFQ 172.71.124.204 42444 172.26.37.160 7081
--8f11015e-B--
GET /.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.71.124.204
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1430276ec36ce86-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8f11015e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8f11015e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/.env"] [unique_id "akSlk3deNr8w1n3AFEzLlQAAAFQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731050326 1640 (- - -)
Stopwatch2: 1782883731050326 1640; combined=269, p1=219, p2=0, p3=0, p4=0, p5=49, sr=92, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8f11015e-Z--
--738c122c-A--
[01/Jul/2026:05:28:51.054310 +0000] akSlk4d7AzrIhCzMcGZUegAAABI 162.158.163.180 42460 172.26.37.160 7081
--738c122c-B--
GET /backend/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 162.158.163.180
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1430276eb6d5f47-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--738c122c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--738c122c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/backend/.env"] [unique_id "akSlk4d7AzrIhCzMcGZUegAAABI"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731053255 1126 (- - -)
Stopwatch2: 1782883731053255 1126; combined=210, p1=156, p2=0, p3=0, p4=0, p5=54, sr=62, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--738c122c-Z--
--d86f3c5d-A--
[01/Jul/2026:05:28:51.056792 +0000] akSlk4d7AzrIhCzMcGZUewAAAAo 172.69.176.153 42464 172.26.37.160 7081
--d86f3c5d-B--
GET /core/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.69.176.153
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1430276fae46494-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--d86f3c5d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d86f3c5d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/core/.env"] [unique_id "akSlk4d7AzrIhCzMcGZUewAAAAo"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731056249 610 (- - -)
Stopwatch2: 1782883731056249 610; combined=203, p1=159, p2=0, p3=0, p4=0, p5=44, sr=78, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d86f3c5d-Z--
--a0340815-A--
[01/Jul/2026:05:28:51.148895 +0000] akSlk3deNr8w1n3AFEzLlgAAAE8 172.70.93.82 42480 172.26.37.160 7081
--a0340815-B--
GET /api/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.70.93.82
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1430277885d3883-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a0340815-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a0340815-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/api/.env"] [unique_id "akSlk3deNr8w1n3AFEzLlgAAAE8"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731148334 683 (- - -)
Stopwatch2: 1782883731148334 683; combined=227, p1=175, p2=0, p3=0, p4=0, p5=51, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a0340815-Z--
--3e836438-A--
[01/Jul/2026:05:28:51.155674 +0000] akSlk3deNr8w1n3AFEzLlwAAAFc 162.158.163.180 42486 172.26.37.160 7081
--3e836438-B--
GET /new/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 162.158.163.180
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14302778f551195-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3e836438-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3e836438-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/new/.env"] [unique_id "akSlk3deNr8w1n3AFEzLlwAAAFc"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731154777 972 (- - -)
Stopwatch2: 1782883731154777 972; combined=594, p1=541, p2=0, p3=0, p4=0, p5=52, sr=64, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3e836438-Z--
--00933601-A--
[01/Jul/2026:05:28:51.239322 +0000] akSlk4d7AzrIhCzMcGZUfAAAABA 162.158.163.180 42504 172.26.37.160 7081
--00933601-B--
GET /admin/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 162.158.163.180
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14302782f9ed8e3-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--00933601-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--00933601-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/admin/.env"] [unique_id "akSlk4d7AzrIhCzMcGZUfAAAABA"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731238286 1136 (- - -)
Stopwatch2: 1782883731238286 1136; combined=690, p1=638, p2=0, p3=0, p4=0, p5=51, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--00933601-Z--
--3156e44c-A--
[01/Jul/2026:05:28:51.251500 +0000] akSlk4d7AzrIhCzMcGZUfQAAABE 172.71.124.204 42508 172.26.37.160 7081
--3156e44c-B--
GET /app/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.71.124.204
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a143027839cace32-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3156e44c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3156e44c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/app/.env"] [unique_id "akSlk4d7AzrIhCzMcGZUfQAAABE"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731250566 1047 (- - -)
Stopwatch2: 1782883731250566 1047; combined=224, p1=178, p2=0, p3=0, p4=0, p5=45, sr=62, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3156e44c-Z--
--b03de70f-A--
[01/Jul/2026:05:28:51.356444 +0000] akSlk3deNr8w1n3AFEzLmQAAAEw 172.70.208.32 42512 172.26.37.160 7081
--b03de70f-B--
GET /bank/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.70.208.32
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1430278c978fd80-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b03de70f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b03de70f-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/bank/.env"] [unique_id "akSlk3deNr8w1n3AFEzLmQAAAEw"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731355848 691 (- - -)
Stopwatch2: 1782883731355848 691; combined=251, p1=195, p2=0, p3=0, p4=0, p5=55, sr=75, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b03de70f-Z--
--4233cf58-A--
[01/Jul/2026:05:28:51.538790 +0000] akSlk4d7AzrIhCzMcGZUfgAAAAM 172.70.93.82 42524 172.26.37.160 7081
--4233cf58-B--
GET /member/.env HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.70.93.82
X-Forwarded-For: 103.221.220.62
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a143027a09ea7d50-SIN
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 103.221.220.62
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4233cf58-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4233cf58-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/member/.env"] [unique_id "akSlk4d7AzrIhCzMcGZUfgAAAAM"]
Action: Intercepted (phase 1)
Stopwatch: 1782883731537958 903 (- - -)
Stopwatch2: 1782883731537958 903; combined=261, p1=201, p2=0, p3=0, p4=0, p5=60, sr=81, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4233cf58-Z--
--eb7c7f03-A--
[01/Jul/2026:05:29:11.924451 +0000] akSlp4d7AzrIhCzMcGZUpAAAAAU 162.158.108.67 45832 172.26.37.160 7081
--eb7c7f03-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a14302f96c40fce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--eb7c7f03-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--eb7c7f03-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSlp4d7AzrIhCzMcGZUpAAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782883751920879 3652 (- - -)
Stopwatch2: 1782883751920879 3652; combined=2039, p1=358, p2=1521, p3=0, p4=0, p5=105, sr=97, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--eb7c7f03-Z--
--243b4926-A--
[01/Jul/2026:05:30:05.260779 +0000] akSl3Yd7AzrIhCzMcGZUrgAAAAA 162.158.108.67 59492 172.26.37.160 7081
--243b4926-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a1430446ccacfce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--243b4926-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--243b4926-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSl3Yd7AzrIhCzMcGZUrgAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782883805256821 4041 (- - -)
Stopwatch2: 1782883805256821 4041; combined=2132, p1=321, p2=1597, p3=0, p4=0, p5=136, sr=75, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--243b4926-Z--
--a55d5b74-A--
[01/Jul/2026:05:30:15.846731 +0000] akSl54d7AzrIhCzMcGZUsAAAABY 162.158.108.67 57588 172.26.37.160 7081
--a55d5b74-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.108.67
X-Forwarded-For: 122.163.138.107
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1430488eedefce3-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 122.163.138.107
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a55d5b74-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a55d5b74-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.163.138.107 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akSl54d7AzrIhCzMcGZUsAAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782883815842835 4146 (- - -)
Stopwatch2: 1782883815842835 4146; combined=2692, p1=345, p2=2105, p3=0, p4=0, p5=150, sr=88, sw=92, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a55d5b74-Z--
--9f7f1935-A--
[01/Jul/2026:05:35:54.838112 +0000] akSnOId7AzrIhCzMcGZVKAAAAAc 223.17.53.207 38868 172.26.37.160 7081
--9f7f1935-B--
GET /wp-content/themes/woodmart/css/parts/woo-widget-wd-layered-nav.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 223.17.53.207
X-Accel-Internal: /internal-nginx-static-location
sec-fetch-dest: style
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_6_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Mobile/15E148 Safari/604.1
accept: text/css,*/*;q=0.1
referer: https://eonhk.com/product-category/furniture/chair-%E6%A4%85%E5%AD%90/page/2/
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
accept-language: en-GB,en;q=0.9
priority: u=1, i
accept-encoding: gzip, deflate, br
--9f7f1935-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/css/parts/woo-widget-wd-layered-nav.min.css
Content-Length: 0
Content-Type: text/css
--9f7f1935-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "105.245.118.91_1da1eaf17e742b97174692f6926297ecd5345a2a"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "105.245.118.91_1da1eaf17e742b97174692f6926297ecd5345a2a"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/woo-widget-wd-layered-nav.min.css"] [unique_id "akSnOId7AzrIhCzMcGZVKAAAAAc"]
Stopwatch: 1782884152092287 2745893 (- - -)
Stopwatch2: 1782884152092287 2745893; combined=4524091, p1=344, p2=21254, p3=21, p4=437, p5=2256602, sr=67, sw=1, l=0, gc=2245432
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9f7f1935-Z--
--96eb0105-A--
[01/Jul/2026:05:35:54.839358 +0000] akSnOId7AzrIhCzMcGZVJQAAABU 223.17.53.207 39066 172.26.37.160 7081
--96eb0105-B--
GET /wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 223.17.53.207
X-Accel-Internal: /internal-nginx-static-location
sec-fetch-dest: style
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_6_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Mobile/15E148 Safari/604.1
accept: text/css,*/*;q=0.1
referer: https://eonhk.com/product-category/furniture/chair-%E6%A4%85%E5%AD%90/page/2/
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
accept-language: en-GB,en;q=0.9
priority: u=1, i
accept-encoding: gzip, deflate, br
--96eb0105-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/css/parts/mod-tools.min.css
Content-Length: 0
Content-Type: text/css
--96eb0105-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "20.153.140.50_1560e35decbcf1542ae720d76e3937642edcc47f"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "20.153.140.50_1560e35decbcf1542ae720d76e3937642edcc47f"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/mod-tools.min.css"] [unique_id "akSnOId7AzrIhCzMcGZVJQAAABU"]
Stopwatch: 1782884152090154 2749510 (- - -)
Stopwatch2: 1782884152090154 2749510; combined=5330448, p1=219, p2=12971, p3=41, p4=29, p5=2658616, sr=58, sw=1, l=0, gc=2658571
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--96eb0105-Z--
--80276f5e-A--
[01/Jul/2026:05:40:45.198362 +0000] akSoXYd7AzrIhCzMcGZV4QAAAAo 142.93.127.245 59674 172.26.37.160 7080
--80276f5e-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--80276f5e-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--80276f5e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akSoXYd7AzrIhCzMcGZV4QAAAAo"]
Action: Intercepted (phase 1)
Stopwatch: 1782884445197713 707 (- - -)
Stopwatch2: 1782884445197713 707; combined=255, p1=195, p2=0, p3=0, p4=0, p5=59, sr=76, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--80276f5e-Z--
--8e852d74-A--
[01/Jul/2026:05:40:46.260965 +0000] akSoXod7AzrIhCzMcGZV4gAAABg 142.93.127.245 60288 172.26.37.160 7081
--8e852d74-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--8e852d74-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--8e852d74-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akSoXod7AzrIhCzMcGZV4gAAABg"]
Action: Intercepted (phase 1)
Stopwatch: 1782884446260454 552 (- - -)
Stopwatch2: 1782884446260454 552; combined=255, p1=200, p2=0, p3=0, p4=0, p5=55, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8e852d74-Z--
--99713e20-A--
[01/Jul/2026:05:49:42.983845 +0000] akSqdn76X9V8r2zVE4jezgAAAII 185.227.135.59 36570 172.26.37.160 7081
--99713e20-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 185.227.135.59
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://sunchongfung.com/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15
--99713e20-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--99713e20-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sunchongfung.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSqdn76X9V8r2zVE4jezgAAAII"]
Action: Intercepted (phase 2)
Stopwatch: 1782884982980892 3011 (- - -)
Stopwatch2: 1782884982980892 3011; combined=1580, p1=291, p2=464, p3=0, p4=0, p5=824, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--99713e20-Z--
--0785702c-A--
[01/Jul/2026:05:50:46.246744 +0000] akSqtn76X9V8r2zVE4je0wAAAJU 104.191.247.254 45686 172.26.37.160 7081
--0785702c-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: avmhk.com
X-Real-IP: 104.191.247.254
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
--0785702c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0785702c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSqtn76X9V8r2zVE4je0wAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782885046244231 2569 (- - -)
Stopwatch2: 1782885046244231 2569; combined=860, p1=323, p2=490, p3=0, p4=0, p5=47, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0785702c-Z--
--93ba5650-A--
[01/Jul/2026:05:55:18.266078 +0000] akSrxndeNr8w1n3AFEzNGQAAAFY 45.74.7.108 51524 172.26.37.160 7080
--93ba5650-B--
POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 45.74.7.108
Content-Length: 245
Upgrade-Insecure-Requests: 1
Accept: */*
User-Agent: libredtail-http
Content-Type: application/x-www-form-urlencoded
--93ba5650-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--93ba5650-E--
--93ba5650-H--
Message: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||18.142.40.148|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||18.142.40.148|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "18.142.40.148"] [uri "/hello.world"] [unique_id "akSrxndeNr8w1n3AFEzNGQAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782885318263698 2433 (- - -)
Stopwatch2: 1782885318263698 2433; combined=961, p1=327, p2=582, p3=0, p4=0, p5=51, sr=81, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--93ba5650-Z--
--b899f810-A--
[01/Jul/2026:05:55:19.756515 +0000] akSrx376X9V8r2zVE4jfFgAAAJU 45.74.7.108 51530 172.26.37.160 7080
--b899f810-B--
POST /?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 45.74.7.108
Content-Length: 245
Upgrade-Insecure-Requests: 1
Accept: */*
User-Agent: libredtail-http
Content-Type: application/x-www-form-urlencoded
--b899f810-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--b899f810-E--
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
<hr>
<address>Apache Server at 18.142.40.148 Port 80</address>
</body></html>
--b899f810-H--
Message: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||18.142.40.148|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||18.142.40.148|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "18.142.40.148"] [uri "/"] [unique_id "akSrx376X9V8r2zVE4jfFgAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782885319754679 1886 (- - -)
Stopwatch2: 1782885319754679 1886; combined=929, p1=302, p2=575, p3=0, p4=0, p5=52, sr=67, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b899f810-Z--
--81133a7c-A--
[01/Jul/2026:05:55:45.432945 +0000] akSr4X76X9V8r2zVE4jfHwAAAIU 180.211.113.210 41872 172.26.37.160 7081
--81133a7c-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: avmhk.com
X-Real-IP: 180.211.113.210
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US,en-IN;q=0.8,en;q=0.5,gu;q=0.2
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
--81133a7c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--81133a7c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSr4X76X9V8r2zVE4jfHwAAAIU"]
Action: Intercepted (phase 2)
Stopwatch: 1782885345430719 2284 (- - -)
Stopwatch2: 1782885345430719 2284; combined=787, p1=280, p2=444, p3=0, p4=0, p5=62, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--81133a7c-Z--
--8a086054-A--
[01/Jul/2026:05:57:47.085273 +0000] akSsWX76X9V8r2zVE4jfRgAAAJQ 223.17.53.207 39986 172.26.37.160 7081
--8a086054-B--
GET /wp-content/themes/woodmart/css/parts/woo-shop-page-title.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 223.17.53.207
X-Accel-Internal: /internal-nginx-static-location
sec-fetch-dest: style
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_6_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
accept: text/css,*/*;q=0.1
referer: https://eonhk.com/product-category/furniture/chair-%E6%A4%85%E5%AD%90/page/2/
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
accept-language: en-GB,en;q=0.9
priority: u=1, i
accept-encoding: gzip, deflate, br
--8a086054-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
Last-Modified: Tue, 10 Dec 2024 10:29:06 GMT
ETag: "169-628e7f3606080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 241
Content-Type: text/css
--8a086054-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "20.219.137.198_e784a57e617ad1491dd324bcbb5933086291655a"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "20.219.137.198_e784a57e617ad1491dd324bcbb5933086291655a"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/woo-shop-page-title.min.css"] [unique_id "akSsWX76X9V8r2zVE4jfRgAAAJQ"]
Stopwatch: 1782885465442500 1642850 (- - -)
Stopwatch2: 1782885465442500 1642850; combined=3261480, p1=258, p2=1923, p3=26, p4=23, p5=1629644, sr=63, sw=1, l=0, gc=1629605
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8a086054-Z--
--a84c8654-A--
[01/Jul/2026:05:58:59.597514 +0000] akSso376X9V8r2zVE4jfbwAAAJA 103.91.72.206 59802 172.26.37.160 7081
--a84c8654-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--a84c8654-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a84c8654-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSso376X9V8r2zVE4jfbwAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782885539593836 3736 (- - -)
Stopwatch2: 1782885539593836 3736; combined=2382, p1=310, p2=1882, p3=0, p4=0, p5=126, sr=71, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a84c8654-Z--
--c8aa246d-A--
[01/Jul/2026:06:00:13.830884 +0000] akSs7X76X9V8r2zVE4jfegAAAJQ 103.91.72.206 49464 172.26.37.160 7081
--c8aa246d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--c8aa246d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c8aa246d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSs7X76X9V8r2zVE4jfegAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782885613828135 2827 (- - -)
Stopwatch2: 1782885613828135 2827; combined=1645, p1=525, p2=954, p3=0, p4=0, p5=108, sr=84, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c8aa246d-Z--
--6c670269-A--
[01/Jul/2026:06:00:24.108425 +0000] akSs@H76X9V8r2zVE4jffQAAAJE 172.71.148.147 51158 172.26.37.160 7081
--6c670269-B--
GET /.env HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.148.147
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac29b8dc56-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6c670269-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6c670269-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env"] [unique_id "akSs@H76X9V8r2zVE4jffQAAAJE"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624107712 1332 (- - -)
Stopwatch2: 1782885624107712 1332; combined=229, p1=178, p2=0, p3=0, p4=0, p5=51, sr=67, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6c670269-Z--
--41756463-A--
[01/Jul/2026:06:00:24.126773 +0000] akSs@H76X9V8r2zVE4jffgAAAIg 172.71.148.147 51174 172.26.37.160 7081
--41756463-B--
GET /api/.env HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.148.147
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac2bffdc94-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--41756463-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--41756463-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/api/.env"] [unique_id "akSs@H76X9V8r2zVE4jffgAAAIg"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624126041 813 (- - -)
Stopwatch2: 1782885624126041 813; combined=266, p1=192, p2=0, p3=0, p4=0, p5=73, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--41756463-Z--
--6ba3080c-A--
[01/Jul/2026:06:00:24.142640 +0000] akSs@HdeNr8w1n3AFEzNeAAAAEg 172.70.248.45 51184 172.26.37.160 7081
--6ba3080c-B--
GET /.env.local HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.248.45
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac2e6a74e3-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6ba3080c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6ba3080c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.local"] [unique_id "akSs@HdeNr8w1n3AFEzNeAAAAEg"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624141599 1152 (- - -)
Stopwatch2: 1782885624141599 1152; combined=206, p1=137, p2=0, p3=0, p4=0, p5=68, sr=53, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6ba3080c-Z--
--cbdb4f72-A--
[01/Jul/2026:06:00:24.143280 +0000] akSs@HdeNr8w1n3AFEzNdwAAAEo 104.23.239.65 51176 172.26.37.160 7081
--cbdb4f72-B--
GET /.env HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.239.65
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac2999ae55-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--cbdb4f72-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cbdb4f72-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env"] [unique_id "akSs@HdeNr8w1n3AFEzNdwAAAEo"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624138902 4471 (- - -)
Stopwatch2: 1782885624138902 4471; combined=1836, p1=1746, p2=0, p3=0, p4=0, p5=89, sr=102, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cbdb4f72-Z--
--a554be7d-A--
[01/Jul/2026:06:00:24.192382 +0000] akSs@Id7AzrIhCzMcGZXXwAAAAs 162.158.111.148 51194 172.26.37.160 7081
--a554be7d-B--
GET /.env.dev HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.111.148
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac8c681905-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a554be7d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a554be7d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.dev"] [unique_id "akSs@Id7AzrIhCzMcGZXXwAAAAs"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624191384 1068 (- - -)
Stopwatch2: 1782885624191384 1068; combined=251, p1=193, p2=0, p3=0, p4=0, p5=57, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a554be7d-Z--
--5ebcaf17-A--
[01/Jul/2026:06:00:24.200306 +0000] akSs@H76X9V8r2zVE4jffwAAAII 172.71.172.71 51198 172.26.37.160 7081
--5ebcaf17-B--
GET /.env.prod HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.172.71
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac8964d394-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5ebcaf17-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5ebcaf17-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.prod"] [unique_id "akSs@H76X9V8r2zVE4jffwAAAII"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624199667 710 (- - -)
Stopwatch2: 1782885624199667 710; combined=238, p1=191, p2=0, p3=0, p4=0, p5=46, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5ebcaf17-Z--
--aa97d876-A--
[01/Jul/2026:06:00:24.205771 +0000] akSs@H76X9V8r2zVE4jfgAAAAIM 172.71.148.146 51214 172.26.37.160 7081
--aa97d876-B--
GET /core/.env HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.148.146
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac2fd1db06-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--aa97d876-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--aa97d876-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/core/.env"] [unique_id "akSs@H76X9V8r2zVE4jfgAAAAIM"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624204897 940 (- - -)
Stopwatch2: 1782885624204897 940; combined=212, p1=162, p2=0, p3=0, p4=0, p5=49, sr=55, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aa97d876-Z--
--0ca2461e-A--
[01/Jul/2026:06:00:24.206614 +0000] akSs@H76X9V8r2zVE4jfgQAAAIY 172.71.164.155 51224 172.26.37.160 7081
--0ca2461e-B--
GET /.env.backup HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.164.155
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac8959d2d3-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0ca2461e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0ca2461e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.backup"] [unique_id "akSs@H76X9V8r2zVE4jfgQAAAIY"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624206100 599 (- - -)
Stopwatch2: 1782885624206100 599; combined=178, p1=141, p2=0, p3=0, p4=0, p5=36, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0ca2461e-Z--
--3412f86c-A--
[01/Jul/2026:06:00:24.209378 +0000] akSs@H76X9V8r2zVE4jfggAAAI8 104.23.239.65 51230 172.26.37.160 7081
--3412f86c-B--
GET /.env.save HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.239.65
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac8d8d340d-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3412f86c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3412f86c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.save"] [unique_id "akSs@H76X9V8r2zVE4jfggAAAI8"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624206310 3192 (- - -)
Stopwatch2: 1782885624206310 3192; combined=2311, p1=2256, p2=0, p3=0, p4=0, p5=54, sr=54, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3412f86c-Z--
--79373003-A--
[01/Jul/2026:06:00:24.236597 +0000] akSs@H76X9V8r2zVE4jfgwAAAIk 172.69.150.77 51234 172.26.37.160 7081
--79373003-B--
GET /config/.env HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.150.77
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330acb91b65be-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--79373003-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--79373003-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/config/.env"] [unique_id "akSs@H76X9V8r2zVE4jfgwAAAIk"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624235888 792 (- - -)
Stopwatch2: 1782885624235888 792; combined=256, p1=204, p2=0, p3=0, p4=0, p5=51, sr=91, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--79373003-Z--
--50cadd77-A--
[01/Jul/2026:06:00:24.619979 +0000] akSs@Id7AzrIhCzMcGZXYQAAAAg 172.71.148.146 51258 172.26.37.160 7081
--50cadd77-B--
GET /.env.bak HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.148.146
X-Forwarded-For: 2a02:2479:ec:1200::1
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14330ac8c00dcae-FRA
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a02:2479:ec:1200::1
cf-ipcountry: DE
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--50cadd77-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--50cadd77-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.bak"] [unique_id "akSs@Id7AzrIhCzMcGZXYQAAAAg"]
Action: Intercepted (phase 1)
Stopwatch: 1782885624618889 1158 (- - -)
Stopwatch2: 1782885624618889 1158; combined=596, p1=180, p2=0, p3=0, p4=0, p5=416, sr=71, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--50cadd77-Z--
--78a30747-A--
[01/Jul/2026:06:00:55.959477 +0000] akStF4d7AzrIhCzMcGZXZgAAAAE 103.91.72.206 54076 172.26.37.160 7081
--78a30747-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--78a30747-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--78a30747-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akStF4d7AzrIhCzMcGZXZgAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782885655955178 4370 (- - -)
Stopwatch2: 1782885655955178 4370; combined=1483, p1=343, p2=914, p3=0, p4=0, p5=149, sr=84, sw=77, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--78a30747-Z--
--56d2fc22-A--
[01/Jul/2026:06:01:38.024672 +0000] akStQod7AzrIhCzMcGZXbQAAAA0 103.91.72.206 34076 172.26.37.160 7081
--56d2fc22-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--56d2fc22-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--56d2fc22-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akStQod7AzrIhCzMcGZXbQAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782885698020972 3758 (- - -)
Stopwatch2: 1782885698020972 3758; combined=2423, p1=336, p2=1894, p3=0, p4=0, p5=127, sr=79, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--56d2fc22-Z--
--340f1e52-A--
[01/Jul/2026:06:01:41.918957 +0000] akStRX76X9V8r2zVE4jflAAAAIU 13.228.246.83 34086 172.26.37.160 7081
--340f1e52-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 13.228.246.83
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://sunchongfung.com/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0
--340f1e52-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--340f1e52-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sunchongfung.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sunchongfung.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akStRX76X9V8r2zVE4jflAAAAIU"]
Action: Intercepted (phase 2)
Stopwatch: 1782885701916053 2960 (- - -)
Stopwatch2: 1782885701916053 2960; combined=825, p1=309, p2=466, p3=0, p4=0, p5=49, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--340f1e52-Z--
--401c3c20-A--
[01/Jul/2026:06:01:59.104484 +0000] akStV3deNr8w1n3AFEzNhAAAAEQ 103.91.72.206 58066 172.26.37.160 7081
--401c3c20-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--401c3c20-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--401c3c20-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akStV3deNr8w1n3AFEzNhAAAAEQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782885719100594 3959 (- - -)
Stopwatch2: 1782885719100594 3959; combined=2586, p1=989, p2=1391, p3=0, p4=0, p5=130, sr=721, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--401c3c20-Z--
--ad5bd457-A--
[01/Jul/2026:06:02:49.506854 +0000] akStiXdeNr8w1n3AFEzNigAAAEE 162.158.123.165 49138 172.26.37.160 7081
--ad5bd457-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 162.158.123.165
X-Forwarded-For: 217.154.185.101
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW4z
accept: application/json
user-agent: Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a143343ace56d58f-MAD
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 217.154.185.101
cf-ipcountry: ES
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ad5bd457-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ad5bd457-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akStiXdeNr8w1n3AFEzNigAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782885769504178 2772 (- - -)
Stopwatch2: 1782885769504178 2772; combined=887, p1=281, p2=559, p3=0, p4=0, p5=46, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ad5bd457-Z--
--0df8cb4e-A--
[01/Jul/2026:06:03:03.095209 +0000] akStl3deNr8w1n3AFEzNjAAAAE0 103.91.72.206 58314 172.26.37.160 7081
--0df8cb4e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--0df8cb4e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0df8cb4e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akStl3deNr8w1n3AFEzNjAAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782885783091162 4132 (- - -)
Stopwatch2: 1782885783091162 4132; combined=1614, p1=329, p2=1047, p3=0, p4=0, p5=151, sr=86, sw=87, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0df8cb4e-Z--
--a3e76735-A--
[01/Jul/2026:06:04:06.521784 +0000] akSt1n76X9V8r2zVE4jfswAAAI0 103.91.72.206 58204 172.26.37.160 7081
--a3e76735-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--a3e76735-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a3e76735-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSt1n76X9V8r2zVE4jfswAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782885846518278 3594 (- - -)
Stopwatch2: 1782885846518278 3594; combined=1582, p1=344, p2=1057, p3=0, p4=0, p5=118, sr=75, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a3e76735-Z--
--d3985727-A--
[01/Jul/2026:06:04:48.840162 +0000] akSuAId7AzrIhCzMcGZXogAAABA 103.91.72.206 48604 172.26.37.160 7081
--d3985727-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--d3985727-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d3985727-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSuAId7AzrIhCzMcGZXogAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782885888836949 3269 (- - -)
Stopwatch2: 1782885888836949 3269; combined=1548, p1=368, p2=1006, p3=0, p4=0, p5=113, sr=92, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d3985727-Z--
--dcade01d-A--
[01/Jul/2026:06:05:31.249184 +0000] akSuK4d7AzrIhCzMcGZXugAAAAg 103.91.72.206 60592 172.26.37.160 7081
--dcade01d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--dcade01d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dcade01d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSuK4d7AzrIhCzMcGZXugAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782885931244536 4711 (- - -)
Stopwatch2: 1782885931244536 4711; combined=1905, p1=340, p2=1327, p3=0, p4=0, p5=155, sr=81, sw=83, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dcade01d-Z--
--ab39b64d-A--
[01/Jul/2026:06:05:52.385915 +0000] akSuQId7AzrIhCzMcGZXwQAAABU 103.91.72.206 41652 172.26.37.160 7081
--ab39b64d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--ab39b64d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ab39b64d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSuQId7AzrIhCzMcGZXwQAAABU"]
Action: Intercepted (phase 2)
Stopwatch: 1782885952382420 3550 (- - -)
Stopwatch2: 1782885952382420 3550; combined=2188, p1=334, p2=1660, p3=0, p4=0, p5=129, sr=78, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ab39b64d-Z--
--77a8c433-A--
[01/Jul/2026:06:07:06.236662 +0000] akSuindeNr8w1n3AFEzNuQAAAFM 103.91.72.206 38748 172.26.37.160 7081
--77a8c433-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)
--77a8c433-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--77a8c433-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSuindeNr8w1n3AFEzNuQAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782886026232770 4255 (- - -)
Stopwatch2: 1782886026232770 4255; combined=1873, p1=374, p2=1303, p3=0, p4=0, p5=127, sr=75, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--77a8c433-Z--
--f5f63a22-A--
[01/Jul/2026:06:07:16.865270 +0000] akSulHdeNr8w1n3AFEzNyAAAAFc 103.91.72.206 32994 172.26.37.160 7081
--f5f63a22-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--f5f63a22-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f5f63a22-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSulHdeNr8w1n3AFEzNyAAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782886036862640 3473 (- - -)
Stopwatch2: 1782886036862640 3473; combined=1498, p1=346, p2=940, p3=0, p4=0, p5=131, sr=89, sw=81, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f5f63a22-Z--
--562bdb7d-A--
[01/Jul/2026:06:07:48.422860 +0000] akSutH76X9V8r2zVE4jgOAAAAJE 103.91.72.206 53496 172.26.37.160 7081
--562bdb7d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--562bdb7d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--562bdb7d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSutH76X9V8r2zVE4jgOAAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782886068419056 3864 (- - -)
Stopwatch2: 1782886068419056 3864; combined=2639, p1=370, p2=2084, p3=0, p4=0, p5=118, sr=112, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--562bdb7d-Z--
--322b3a1a-A--
[01/Jul/2026:06:08:41.288281 +0000] akSu6XdeNr8w1n3AFEzO-wAAAEA 103.91.72.206 33404 172.26.37.160 7081
--322b3a1a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--322b3a1a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--322b3a1a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSu6XdeNr8w1n3AFEzO-wAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782886121285035 3314 (- - -)
Stopwatch2: 1782886121285035 3314; combined=1953, p1=827, p2=966, p3=0, p4=0, p5=104, sr=77, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--322b3a1a-Z--
--f53e794a-A--
[01/Jul/2026:06:09:34.225695 +0000] akSvHod7AzrIhCzMcGZZbQAAAAY 103.91.72.206 38448 172.26.37.160 7081
--f53e794a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--f53e794a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f53e794a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSvHod7AzrIhCzMcGZZbQAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782886174222097 3665 (- - -)
Stopwatch2: 1782886174222097 3665; combined=1572, p1=345, p2=1045, p3=0, p4=0, p5=119, sr=74, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f53e794a-Z--
--7a9b8864-A--
[01/Jul/2026:06:09:37.535380 +0000] akSvH376X9V8r2zVE4jhggAAAI4 104.197.69.115 38606 172.26.37.160 7081
--7a9b8864-B--
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1 HTTP/1.1
Host: www.contintechind.com
X-Real-IP: 104.197.69.115
X-Accel-Internal: /internal-nginx-static-location
pragma: no-cache
cache-control: no-cache
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.contintechind.com/
accept-encoding: gzip, deflate, br
priority: u=2
--7a9b8864-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-includes/js/jquery/ui/draggable.min.js
Expires: max-age=A10368000, public
Connection: keep-alive
Content-Length: 0
Content-Type: application/javascript
--7a9b8864-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "148.251.47.87_01b82898dd6a677c9344d18386c41de2e455b5d2"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "148.251.47.87_01b82898dd6a677c9344d18386c41de2e455b5d2"): Internal error (specific information not available) [hostname "www.contintechind.com"] [uri "/wp-includes/js/jquery/ui/draggable.min.js"] [unique_id "akSvH376X9V8r2zVE4jhggAAAI4"]
Stopwatch: 1782886175093477 2441982 (- - -)
Stopwatch2: 1782886175093477 2441982; combined=4497835, p1=225, p2=37054, p3=18, p4=13, p5=2230275, sr=59, sw=0, l=0, gc=2230250
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7a9b8864-Z--
--94e64c42-A--
[01/Jul/2026:06:09:55.308697 +0000] akSvM6g9V@qHULY3xdhO@QAAANc 103.91.72.206 50370 172.26.37.160 7081
--94e64c42-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--94e64c42-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--94e64c42-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSvM6g9V@qHULY3xdhO@QAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782886195305062 3693 (- - -)
Stopwatch2: 1782886195305062 3693; combined=3098, p1=355, p2=1010, p3=0, p4=0, p5=896, sr=77, sw=837, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--94e64c42-Z--
--6c812c04-A--
[01/Jul/2026:06:10:37.394407 +0000] akSvXVNGiALgk1Z2KQL4CQAAAEg 103.91.72.206 51454 172.26.37.160 7081
--6c812c04-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--6c812c04-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6c812c04-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSvXVNGiALgk1Z2KQL4CQAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782886237391027 3441 (- - -)
Stopwatch2: 1782886237391027 3441; combined=1560, p1=389, p2=974, p3=0, p4=0, p5=131, sr=120, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6c812c04-Z--
--a8ae844a-A--
[01/Jul/2026:06:11:00.694729 +0000] akSvcqg9V@qHULY3xdhQLgAAAM4 112.192.107.160 58416 172.26.37.160 7081
--a8ae844a-B--
GET /wp-content/plugins/slider-revolution-master/public/css/sr7.css?ver=6.7.20 HTTP/1.1
Host: eonhk.com
X-Real-IP: 112.192.107.160
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua-platform: "Windows"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
sec-ch-ua: "Not_A Brand";v="99", "Chromium";v="142"
sec-ch-ua-mobile: ?0
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/product/mono-b-table/
accept-encoding: gzip, deflate, br, zstd
accept-language: zh-CN,zh;q=0.9
priority: u=0
--a8ae844a-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/plugins/slider-revolution-master/public/css/sr7.css
Content-Length: 0
Content-Type: text/css
--a8ae844a-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "103.91.72.206_09e111f7ebc069278c0bc6c263a85c0972cda291"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "103.91.72.206_09e111f7ebc069278c0bc6c263a85c0972cda291"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/plugins/slider-revolution-master/public/css/sr7.css"] [unique_id "akSvcqg9V@qHULY3xdhQLgAAAM4"]
Stopwatch: 1782886258854546 1840257 (- - -)
Stopwatch2: 1782886258854546 1840257; combined=3614927, p1=36926, p2=27252, p3=17, p4=13, p5=1775372, sr=35908, sw=1, l=0, gc=1775346
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a8ae844a-Z--
--107d051e-A--
[01/Jul/2026:06:11:09.044272 +0000] akSvfag9V@qHULY3xdhQVwAAANA 103.91.72.206 43050 172.26.37.160 7081
--107d051e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--107d051e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--107d051e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSvfag9V@qHULY3xdhQVwAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782886269040505 4190 (- - -)
Stopwatch2: 1782886269040505 4190; combined=1496, p1=319, p2=1007, p3=0, p4=0, p5=110, sr=74, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--107d051e-Z--
--dc0ff321-A--
[01/Jul/2026:06:11:51.442169 +0000] akSvp6g9V@qHULY3xdhQlQAAAMY 103.91.72.206 33114 172.26.37.160 7081
--dc0ff321-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)
--dc0ff321-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dc0ff321-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSvp6g9V@qHULY3xdhQlQAAAMY"]
Action: Intercepted (phase 2)
Stopwatch: 1782886311438844 3990 (- - -)
Stopwatch2: 1782886311438844 3990; combined=1513, p1=341, p2=1008, p3=0, p4=0, p5=106, sr=73, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dc0ff321-Z--
--a419272f-A--
[01/Jul/2026:06:12:01.952430 +0000] akSvsag9V@qHULY3xdhQlwAAAMw 103.91.72.206 43136 172.26.37.160 7081
--a419272f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--a419272f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a419272f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSvsag9V@qHULY3xdhQlwAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782886321947817 5933 (- - -)
Stopwatch2: 1782886321947817 5933; combined=1843, p1=356, p2=1269, p3=0, p4=0, p5=146, sr=85, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a419272f-Z--
--ebf82d6f-A--
[01/Jul/2026:06:13:47.538719 +0000] akSwG7AM1NZ4Hek69xy5kgAAAAw 103.91.72.206 36392 172.26.37.160 7081
--ebf82d6f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--ebf82d6f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ebf82d6f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSwG7AM1NZ4Hek69xy5kgAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782886427534231 6931 (- - -)
Stopwatch2: 1782886427534231 6931; combined=1873, p1=332, p2=1368, p3=0, p4=0, p5=115, sr=71, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ebf82d6f-Z--
--14f76962-A--
[01/Jul/2026:06:14:08.571710 +0000] akSwMKg9V@qHULY3xdhQyQAAAM4 103.91.72.206 41532 172.26.37.160 7081
--14f76962-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--14f76962-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--14f76962-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSwMKg9V@qHULY3xdhQyQAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782886448568240 3533 (- - -)
Stopwatch2: 1782886448568240 3533; combined=1917, p1=365, p2=1339, p3=0, p4=0, p5=141, sr=77, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--14f76962-Z--
--ca7f3105-A--
[01/Jul/2026:06:14:47.217469 +0000] akSwV1NGiALgk1Z2KQL5egAAAEE 172.71.102.180 59310 172.26.37.160 7081
--ca7f3105-B--
GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.71.102.180
X-Forwarded-For: 45.156.128.178
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14345c08cbbb994-AMS
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36
accept-encoding: gzip, br
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 45.156.128.178
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ca7f3105-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ca7f3105-H--
Message: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||immunehk.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||immunehk.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "immunehk.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "akSwV1NGiALgk1Z2KQL5egAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782886487215600 1939 (- - -)
Stopwatch2: 1782886487215600 1939; combined=790, p1=310, p2=428, p3=0, p4=0, p5=51, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ca7f3105-Z--
--73d50c1c-A--
[01/Jul/2026:06:15:01.381259 +0000] akSwZag9V@qHULY3xdhQ4wAAAMQ 103.91.72.206 54038 172.26.37.160 7081
--73d50c1c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--73d50c1c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--73d50c1c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSwZag9V@qHULY3xdhQ4wAAAMQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782886501377646 3674 (- - -)
Stopwatch2: 1782886501377646 3674; combined=1727, p1=328, p2=1200, p3=0, p4=0, p5=130, sr=83, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--73d50c1c-Z--
--1ac6cd12-A--
[01/Jul/2026:06:15:12.001177 +0000] akSwb1NGiALgk1Z2KQL5jgAAAEI 103.91.72.206 43000 172.26.37.160 7081
--1ac6cd12-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--1ac6cd12-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1ac6cd12-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSwb1NGiALgk1Z2KQL5jgAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782886511997545 3693 (- - -)
Stopwatch2: 1782886511997545 3693; combined=2433, p1=322, p2=1930, p3=0, p4=0, p5=118, sr=76, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1ac6cd12-Z--
--292dcd52-A--
[01/Jul/2026:06:15:23.337388 +0000] akSwelNGiALgk1Z2KQL5lgAAAFA 103.91.72.206 34290 172.26.37.160 7081
--292dcd52-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.206
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)
--292dcd52-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--292dcd52-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.206 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSwelNGiALgk1Z2KQL5lgAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782886522624052 713400 (- - -)
Stopwatch2: 1782886522624052 713400; combined=1422249, p1=320, p2=954, p3=0, p4=0, p5=710513, sr=84, sw=61, l=0, gc=710401
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--292dcd52-Z--
--6a97192a-A--
[01/Jul/2026:06:18:07.617978 +0000] akSxH7AM1NZ4Hek69xy6iQAAAAc 172.69.40.185 53356 172.26.37.160 7081
--6a97192a-B--
GET /api/.env HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.69.40.185
X-Forwarded-For: 142.4.31.180
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1434aa25aa84cb3-SLC
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 142.4.31.180
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6a97192a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6a97192a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/api/.env"] [unique_id "akSxH7AM1NZ4Hek69xy6iQAAAAc"]
Action: Intercepted (phase 1)
Stopwatch: 1782886687617347 725 (- - -)
Stopwatch2: 1782886687617347 725; combined=244, p1=191, p2=0, p3=0, p4=0, p5=53, sr=72, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6a97192a-Z--
--318ab279-A--
[01/Jul/2026:06:18:09.333536 +0000] akSxIVNGiALgk1Z2KQL6MQAAAEA 172.69.40.185 53364 172.26.37.160 7081
--318ab279-B--
GET /backend/.env HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.69.40.185
X-Forwarded-For: 142.4.31.180
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1434aaf992738e9-SLC
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 142.4.31.180
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--318ab279-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--318ab279-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/backend/.env"] [unique_id "akSxIVNGiALgk1Z2KQL6MQAAAEA"]
Action: Intercepted (phase 1)
Stopwatch: 1782886689332597 1013 (- - -)
Stopwatch2: 1782886689332597 1013; combined=434, p1=372, p2=0, p3=0, p4=0, p5=61, sr=75, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--318ab279-Z--
--f80b0231-A--
[01/Jul/2026:06:18:09.351726 +0000] akSxIVNGiALgk1Z2KQL6MgAAAEE 172.69.40.185 53372 172.26.37.160 7081
--f80b0231-B--
GET /app/.env HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.69.40.185
X-Forwarded-For: 142.4.31.180
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1434aafb8b1b73f-SLC
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 142.4.31.180
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f80b0231-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f80b0231-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/app/.env"] [unique_id "akSxIVNGiALgk1Z2KQL6MgAAAEE"]
Action: Intercepted (phase 1)
Stopwatch: 1782886689350996 799 (- - -)
Stopwatch2: 1782886689350996 799; combined=226, p1=174, p2=0, p3=0, p4=0, p5=52, sr=68, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f80b0231-Z--
--db2c3022-A--
[01/Jul/2026:06:18:09.361788 +0000] akSxIag9V@qHULY3xdhR1QAAANY 172.69.40.185 53382 172.26.37.160 7081
--db2c3022-B--
GET /member/.env HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.69.40.185
X-Forwarded-For: 142.4.31.180
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1434aafc85b14fe-SLC
accept-encoding: gzip, br
range: bytes=0-4000
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 142.4.31.180
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--db2c3022-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--db2c3022-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airvenushk.com"] [uri "/member/.env"] [unique_id "akSxIag9V@qHULY3xdhR1QAAANY"]
Action: Intercepted (phase 1)
Stopwatch: 1782886689361250 614 (- - -)
Stopwatch2: 1782886689361250 614; combined=212, p1=162, p2=0, p3=0, p4=0, p5=49, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--db2c3022-Z--
--85bb004d-A--
[01/Jul/2026:06:18:43.441581 +0000] akSxQ6g9V@qHULY3xdhR3QAAAMc 103.91.72.230 55904 172.26.37.160 7081
--85bb004d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.91.72.230
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--85bb004d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--85bb004d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.230 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.230 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akSxQ6g9V@qHULY3xdhR3QAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782886723438151 3500 (- - -)
Stopwatch2: 1782886723438151 3500; combined=1505, p1=366, p2=974, p3=0, p4=0, p5=107, sr=96, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--85bb004d-Z--
--612f2228-A--
[01/Jul/2026:06:18:55.316462 +0000] akSxT1NGiALgk1Z2KQL6QgAAAFc 172.71.203.69 45932 172.26.37.160 7081
--612f2228-B--
GET /.git/config HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.203.69
X-Forwarded-For: 142.93.118.13
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: */*
accept-encoding: gzip, br
cf-ray: a1434bcbfa10cb6b-EWR
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 142.93.118.13
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
--612f2228-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--612f2228-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.git/config"] [unique_id "akSxT1NGiALgk1Z2KQL6QgAAAFc"]
Action: Intercepted (phase 1)
Stopwatch: 1782886735315765 785 (- - -)
Stopwatch2: 1782886735315765 785; combined=227, p1=177, p2=0, p3=0, p4=0, p5=50, sr=72, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--612f2228-Z--
--fc102467-A--
[01/Jul/2026:06:22:47.353180 +0000] akSyN6g9V@qHULY3xdhSLwAAAMU 38.224.232.34 37356 172.26.37.160 7081
--fc102467-B--
GET /wp-json/wp/v2/users?ver=0.11311091199298667 HTTP/1.1
Host: avmhk.com
X-Real-IP: 38.224.232.34
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--fc102467-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fc102467-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSyN6g9V@qHULY3xdhSLwAAAMU"]
Action: Intercepted (phase 2)
Stopwatch: 1782886967350733 2504 (- - -)
Stopwatch2: 1782886967350733 2504; combined=981, p1=312, p2=601, p3=0, p4=0, p5=67, sr=77, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fc102467-Z--
--74300549-A--
[01/Jul/2026:06:22:47.655524 +0000] akSyN1NGiALgk1Z2KQL6fAAAAE4 38.224.232.34 37378 172.26.37.160 7081
--74300549-B--
GET /wp-json/wp/v2/users?ver=0.7464794010516875 HTTP/1.1
Host: avmhk.com
X-Real-IP: 38.224.232.34
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--74300549-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--74300549-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akSyN1NGiALgk1Z2KQL6fAAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782886967652354 3245 (- - -)
Stopwatch2: 1782886967652354 3245; combined=965, p1=295, p2=619, p3=0, p4=0, p5=50, sr=75, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--74300549-Z--
--74166e2b-A--
[01/Jul/2026:06:42:51.904902 +0000] akS267AM1NZ4Hek69xy76wAAABY 2.50.175.79 35108 172.26.37.160 7081
--74166e2b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--74166e2b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--74166e2b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS267AM1NZ4Hek69xy76wAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782888171901995 2986 (- - -)
Stopwatch2: 1782888171901995 2986; combined=1533, p1=317, p2=1029, p3=0, p4=0, p5=122, sr=75, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--74166e2b-Z--
--bf640e7b-A--
[01/Jul/2026:06:43:55.671091 +0000] akS3K1NGiALgk1Z2KQL77QAAAEo 2.50.175.79 55450 172.26.37.160 7081
--bf640e7b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--bf640e7b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bf640e7b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS3K1NGiALgk1Z2KQL77QAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782888235667397 3751 (- - -)
Stopwatch2: 1782888235667397 3751; combined=1890, p1=326, p2=1376, p3=0, p4=0, p5=122, sr=72, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bf640e7b-Z--
--e76bb569-A--
[01/Jul/2026:06:44:27.695430 +0000] akS3S6g9V@qHULY3xdhT8gAAAME 2.50.175.79 39870 172.26.37.160 7081
--e76bb569-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e76bb569-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e76bb569-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS3S6g9V@qHULY3xdhT8gAAAME"]
Action: Intercepted (phase 2)
Stopwatch: 1782888267691965 3564 (- - -)
Stopwatch2: 1782888267691965 3564; combined=2174, p1=303, p2=1682, p3=0, p4=0, p5=124, sr=70, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e76bb569-Z--
--84565364-A--
[01/Jul/2026:06:45:04.194533 +0000] akS3cKg9V@qHULY3xdhT@gAAAMw 43.129.169.161 35272 172.26.37.160 7080
--84565364-B--
HEAD /Core/Skin/Login.aspx HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 43.129.169.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: no-cache
Pragma: no-cache
Proxy-Connection: keep-alive
--84565364-F--
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=iso-8859-1
--84565364-H--
Message: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/Core/Skin/Login.aspx"] [unique_id "akS3cKg9V@qHULY3xdhT@gAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782888304192857 2308 (- - -)
Stopwatch2: 1782888304192857 2308; combined=690, p1=310, p2=327, p3=0, p4=0, p5=52, sr=85, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--84565364-Z--
--0a328c44-A--
[01/Jul/2026:06:45:17.877554 +0000] akS3fag9V@qHULY3xdhT-gAAANc 88.99.103.105 44882 172.26.37.160 7081
--0a328c44-B--
GET /robots.txt HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 88.99.103.105
X-Accel-Internal: /internal-nginx-static-location
Accept-Language: en-us,en-gb,en;q=0.7,*;q=0.3
Accept-Charset: utf-8,iso-8859-1;q=0.7,*;q=0.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: x-gzip, gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36/Nutch-1.21-SNAPSHOT
Proxy-Connection: Keep-Alive
--0a328c44-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0a328c44-H--
Message: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.sunchongfung.com|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.sunchongfung.com|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sunchongfung.com"] [uri "/robots.txt"] [unique_id "akS3fag9V@qHULY3xdhT-gAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782888317875368 2288 (- - -)
Stopwatch2: 1782888317875368 2288; combined=639, p1=277, p2=312, p3=0, p4=0, p5=49, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0a328c44-Z--
--46a0a178-A--
[01/Jul/2026:06:45:42.188201 +0000] akS3lqg9V@qHULY3xdhUBgAAAMk 2.50.175.79 60310 172.26.37.160 7081
--46a0a178-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--46a0a178-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--46a0a178-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS3lqg9V@qHULY3xdhUBgAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782888342185412 2846 (- - -)
Stopwatch2: 1782888342185412 2846; combined=1506, p1=323, p2=1007, p3=0, p4=0, p5=115, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--46a0a178-Z--
--d718a114-A--
[01/Jul/2026:06:46:45.927399 +0000] akS31bAM1NZ4Hek69xy8KgAAAAw 2.50.175.79 36394 172.26.37.160 7081
--d718a114-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d718a114-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d718a114-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS31bAM1NZ4Hek69xy8KgAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782888405922788 4679 (- - -)
Stopwatch2: 1782888405922788 4679; combined=1436, p1=342, p2=919, p3=0, p4=0, p5=115, sr=75, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d718a114-Z--
--e454040f-A--
[01/Jul/2026:06:46:56.618066 +0000] akS34Kg9V@qHULY3xdhUFgAAAMc 2.50.175.79 34666 172.26.37.160 7081
--e454040f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--e454040f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e454040f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS34Kg9V@qHULY3xdhUFgAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782888416614381 3741 (- - -)
Stopwatch2: 1782888416614381 3741; combined=2344, p1=332, p2=1805, p3=0, p4=0, p5=137, sr=73, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e454040f-Z--
--0c30d61c-A--
[01/Jul/2026:06:48:00.441611 +0000] akS4IKg9V@qHULY3xdhUNQAAAMA 2.50.175.79 39454 172.26.37.160 7081
--0c30d61c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0c30d61c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0c30d61c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS4IKg9V@qHULY3xdhUNQAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782888480438254 3415 (- - -)
Stopwatch2: 1782888480438254 3415; combined=1541, p1=315, p2=1028, p3=0, p4=0, p5=129, sr=76, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0c30d61c-Z--
--c9801453-A--
[01/Jul/2026:06:49:14.696597 +0000] akS4arAM1NZ4Hek69xy8VgAAAAI 2.50.175.79 54256 172.26.37.160 7081
--c9801453-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--c9801453-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c9801453-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS4arAM1NZ4Hek69xy8VgAAAAI"]
Action: Intercepted (phase 2)
Stopwatch: 1782888554693922 2737 (- - -)
Stopwatch2: 1782888554693922 2737; combined=1417, p1=285, p2=970, p3=0, p4=0, p5=105, sr=65, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c9801453-Z--
--65ed4d64-A--
[01/Jul/2026:06:49:46.628222 +0000] akS4ilNGiALgk1Z2KQL8WAAAAFI 2.50.175.79 33206 172.26.37.160 7081
--65ed4d64-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--65ed4d64-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--65ed4d64-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS4ilNGiALgk1Z2KQL8WAAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782888586625031 4888 (- - -)
Stopwatch2: 1782888586625031 4888; combined=1464, p1=318, p2=961, p3=0, p4=0, p5=122, sr=80, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--65ed4d64-Z--
--98195c4d-A--
[01/Jul/2026:06:51:01.090330 +0000] akS41ag9V@qHULY3xdhUgQAAAMs 2.50.175.79 43470 172.26.37.160 7081
--98195c4d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--98195c4d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--98195c4d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS41ag9V@qHULY3xdhUgQAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782888661086100 4298 (- - -)
Stopwatch2: 1782888661086100 4298; combined=2873, p1=308, p2=2345, p3=0, p4=0, p5=141, sr=73, sw=79, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--98195c4d-Z--
--821d4d06-A--
[01/Jul/2026:06:51:22.378787 +0000] akS46lNGiALgk1Z2KQL8hwAAAEI 2.50.175.79 56932 172.26.37.160 7081
--821d4d06-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--821d4d06-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--821d4d06-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS46lNGiALgk1Z2KQL8hwAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782888682375809 3037 (- - -)
Stopwatch2: 1782888682375809 3037; combined=1444, p1=335, p2=928, p3=0, p4=0, p5=118, sr=74, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--821d4d06-Z--
--d8adbd0a-A--
[01/Jul/2026:06:52:15.518851 +0000] akS5H6g9V@qHULY3xdhUqQAAAMg 2.50.175.79 53682 172.26.37.160 7081
--d8adbd0a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d8adbd0a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d8adbd0a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS5H6g9V@qHULY3xdhUqQAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782888735515824 3084 (- - -)
Stopwatch2: 1782888735515824 3084; combined=1517, p1=303, p2=984, p3=0, p4=0, p5=150, sr=70, sw=80, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d8adbd0a-Z--
--eb068911-A--
[01/Jul/2026:06:52:58.172772 +0000] akS5SlNGiALgk1Z2KQL8mgAAAFU 2.50.175.79 46326 172.26.37.160 7081
--eb068911-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--eb068911-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--eb068911-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS5SlNGiALgk1Z2KQL8mgAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782888778169820 3037 (- - -)
Stopwatch2: 1782888778169820 3037; combined=1583, p1=342, p2=1067, p3=0, p4=0, p5=112, sr=76, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--eb068911-Z--
--aafc546c-A--
[01/Jul/2026:06:53:30.035964 +0000] akS5aqg9V@qHULY3xdhUxwAAANg 2.50.175.79 52500 172.26.37.160 7081
--aafc546c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--aafc546c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--aafc546c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS5aqg9V@qHULY3xdhUxwAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782888810032531 3496 (- - -)
Stopwatch2: 1782888810032531 3496; combined=1436, p1=305, p2=939, p3=0, p4=0, p5=128, sr=71, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aafc546c-Z--
--d10c363b-A--
[01/Jul/2026:06:54:01.786343 +0000] akS5iVNGiALgk1Z2KQL8sgAAAFc 2.50.175.79 35418 172.26.37.160 7081
--d10c363b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d10c363b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d10c363b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS5iVNGiALgk1Z2KQL8sgAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782888841780049 8766 (- - -)
Stopwatch2: 1782888841780049 8766; combined=2334, p1=309, p2=1769, p3=0, p4=0, p5=172, sr=67, sw=84, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d10c363b-Z--
--93b4ed66-A--
[01/Jul/2026:06:54:33.940391 +0000] akS5qVNGiALgk1Z2KQL8uAAAAFM 172.70.248.44 52446 172.26.37.160 7081
--93b4ed66-B--
GET /.env.cache HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.248.44
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a14380039c8c240f-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--93b4ed66-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--93b4ed66-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.cache"] [unique_id "akS5qVNGiALgk1Z2KQL8uAAAAFM"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873939678 784 (- - -)
Stopwatch2: 1782888873939678 784; combined=254, p1=202, p2=0, p3=0, p4=0, p5=51, sr=83, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--93b4ed66-Z--
--9d56961b-A--
[01/Jul/2026:06:54:33.971429 +0000] akS5qVNGiALgk1Z2KQL8uQAAAEs 172.68.151.66 52452 172.26.37.160 7081
--9d56961b-B--
GET /.env.dev HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.68.151.66
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003dc5dfaee-CDG
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--9d56961b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9d56961b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.dev"] [unique_id "akS5qVNGiALgk1Z2KQL8uQAAAEs"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873970120 1398 (- - -)
Stopwatch2: 1782888873970120 1398; combined=202, p1=148, p2=0, p3=0, p4=0, p5=54, sr=58, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9d56961b-Z--
--3d771d4b-A--
[01/Jul/2026:06:54:33.972777 +0000] akS5qbAM1NZ4Hek69xy8rgAAAA0 172.70.246.245 52454 172.26.37.160 7081
--3d771d4b-B--
GET /.env.caprover HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.246.245
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003bf94903d-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--3d771d4b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3d771d4b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.caprover"] [unique_id "akS5qbAM1NZ4Hek69xy8rgAAAA0"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873966716 6131 (- - -)
Stopwatch2: 1782888873966716 6131; combined=544, p1=481, p2=0, p3=0, p4=0, p5=62, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3d771d4b-Z--
--4bdd7d6b-A--
[01/Jul/2026:06:54:33.973088 +0000] akS5qbAM1NZ4Hek69xy8sAAAAAk 172.70.240.107 52464 172.26.37.160 7081
--4bdd7d6b-B--
GET /.env.bak HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.240.107
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003c8da804d-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--4bdd7d6b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4bdd7d6b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.bak"] [unique_id "akS5qbAM1NZ4Hek69xy8sAAAAAk"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873971361 1799 (- - -)
Stopwatch2: 1782888873971361 1799; combined=175, p1=131, p2=0, p3=0, p4=0, p5=43, sr=54, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4bdd7d6b-Z--
--6e0dc543-A--
[01/Jul/2026:06:54:33.973702 +0000] akS5qbAM1NZ4Hek69xy8rwAAAAA 172.71.164.155 52462 172.26.37.160 7081
--6e0dc543-B--
GET /.env.2 HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.164.155
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003bf72d2f6-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--6e0dc543-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6e0dc543-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.2"] [unique_id "akS5qbAM1NZ4Hek69xy8rwAAAAA"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873971211 2558 (- - -)
Stopwatch2: 1782888873971211 2558; combined=2055, p1=2016, p2=0, p3=0, p4=0, p5=38, sr=59, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6e0dc543-Z--
--81c6b616-A--
[01/Jul/2026:06:54:33.984666 +0000] akS5qag9V@qHULY3xdhU4wAAANc 104.23.239.65 52480 172.26.37.160 7081
--81c6b616-B--
GET /.env.bak.1 HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.239.65
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a14380039a682f12-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--81c6b616-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--81c6b616-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.bak.1"] [unique_id "akS5qag9V@qHULY3xdhU4wAAANc"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873982127 2609 (- - -)
Stopwatch2: 1782888873982127 2609; combined=214, p1=156, p2=0, p3=0, p4=0, p5=57, sr=63, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--81c6b616-Z--
--925feb6c-A--
[01/Jul/2026:06:54:33.985061 +0000] akS5qbAM1NZ4Hek69xy8sQAAABg 172.71.144.178 52500 172.26.37.160 7081
--925feb6c-B--
GET /.env.api HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.144.178
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003cf27dbc5-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--925feb6c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--925feb6c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.api"] [unique_id "akS5qbAM1NZ4Hek69xy8sQAAABg"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873983722 1408 (- - -)
Stopwatch2: 1782888873983722 1408; combined=194, p1=147, p2=0, p3=0, p4=0, p5=47, sr=60, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--925feb6c-Z--
--851c0363-A--
[01/Jul/2026:06:54:33.985294 +0000] akS5qag9V@qHULY3xdhU5AAAANA 172.68.194.212 52488 172.26.37.160 7081
--851c0363-B--
GET /.env.aws HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.68.194.212
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003cb899741-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--851c0363-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--851c0363-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.aws"] [unique_id "akS5qag9V@qHULY3xdhU5AAAANA"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873983743 1642 (- - -)
Stopwatch2: 1782888873983743 1642; combined=191, p1=135, p2=0, p3=0, p4=0, p5=56, sr=55, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--851c0363-Z--
--11c8207e-A--
[01/Jul/2026:06:54:33.990405 +0000] akS5qbAM1NZ4Hek69xy8sgAAAAI 104.23.239.64 52514 172.26.37.160 7081
--11c8207e-B--
GET /.env.cron HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.239.64
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003bf061d0c-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--11c8207e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--11c8207e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.cron"] [unique_id "akS5qbAM1NZ4Hek69xy8sgAAAAI"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873989747 731 (- - -)
Stopwatch2: 1782888873989747 731; combined=240, p1=193, p2=0, p3=0, p4=0, p5=46, sr=89, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--11c8207e-Z--
--e02b6c57-A--
[01/Jul/2026:06:54:33.994410 +0000] akS5qVNGiALgk1Z2KQL8ugAAAFE 172.71.144.178 52532 172.26.37.160 7081
--e02b6c57-B--
GET /.env.copy HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.144.178
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003a950dbcd-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--e02b6c57-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e02b6c57-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.copy"] [unique_id "akS5qVNGiALgk1Z2KQL8ugAAAFE"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873993568 911 (- - -)
Stopwatch2: 1782888873993568 911; combined=464, p1=416, p2=0, p3=0, p4=0, p5=47, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e02b6c57-Z--
--acda5e31-A--
[01/Jul/2026:06:54:33.997858 +0000] akS5qVNGiALgk1Z2KQL8vAAAAEo 172.71.172.71 52536 172.26.37.160 7081
--acda5e31-B--
GET /.env.azure HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.172.71
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003c8c5d223-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--acda5e31-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--acda5e31-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.azure"] [unique_id "akS5qVNGiALgk1Z2KQL8vAAAAEo"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873997087 845 (- - -)
Stopwatch2: 1782888873997087 845; combined=153, p1=112, p2=0, p3=0, p4=0, p5=40, sr=46, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--acda5e31-Z--
--1607af4d-A--
[01/Jul/2026:06:54:33.999654 +0000] akS5qag9V@qHULY3xdhU5QAAAMM 172.71.172.71 52542 172.26.37.160 7081
--1607af4d-B--
GET /.env.default HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.172.71
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003e9aed360-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--1607af4d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1607af4d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.default"] [unique_id "akS5qag9V@qHULY3xdhU5QAAAMM"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873998996 727 (- - -)
Stopwatch2: 1782888873998996 727; combined=189, p1=145, p2=0, p3=0, p4=0, p5=44, sr=57, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1607af4d-Z--
--4665b349-A--
[01/Jul/2026:06:54:34.000032 +0000] akS5qVNGiALgk1Z2KQL8uwAAAEQ 172.70.246.244 52528 172.26.37.160 7081
--4665b349-B--
GET /.env.0 HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.246.244
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003cdf0903c-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--4665b349-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4665b349-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.0"] [unique_id "akS5qVNGiALgk1Z2KQL8uwAAAEQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782888873996572 3527 (- - -)
Stopwatch2: 1782888873996572 3527; combined=162, p1=123, p2=0, p3=0, p4=0, p5=39, sr=52, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4665b349-Z--
--53f99233-A--
[01/Jul/2026:06:54:34.006555 +0000] akS5qqg9V@qHULY3xdhU5gAAANE 104.23.239.65 52566 172.26.37.160 7081
--53f99233-B--
GET /.env.config HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.239.65
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003aafcf9c1-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--53f99233-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--53f99233-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.config"] [unique_id "akS5qqg9V@qHULY3xdhU5gAAANE"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874005842 785 (- - -)
Stopwatch2: 1782888874005842 785; combined=207, p1=151, p2=0, p3=0, p4=0, p5=55, sr=59, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--53f99233-Z--
--e4a43836-A--
[01/Jul/2026:06:54:34.009475 +0000] akS5qlNGiALgk1Z2KQL8vQAAAE8 172.70.240.106 52552 172.26.37.160 7081
--e4a43836-B--
GET /.env.1 HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.240.106
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003c8cdf16a-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--e4a43836-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e4a43836-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.1"] [unique_id "akS5qlNGiALgk1Z2KQL8vQAAAE8"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874004578 4963 (- - -)
Stopwatch2: 1782888874004578 4963; combined=4259, p1=4206, p2=0, p3=0, p4=0, p5=53, sr=4120, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e4a43836-Z--
--6c7ff452-A--
[01/Jul/2026:06:54:34.021606 +0000] akS5qrAM1NZ4Hek69xy8swAAAAM 172.71.144.178 52574 172.26.37.160 7081
--6c7ff452-B--
GET /.env.dev.local HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.144.178
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003ecb0dbe3-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--6c7ff452-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6c7ff452-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.dev.local"] [unique_id "akS5qrAM1NZ4Hek69xy8swAAAAM"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874017936 3746 (- - -)
Stopwatch2: 1782888874017936 3746; combined=221, p1=174, p2=0, p3=0, p4=0, p5=46, sr=60, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6c7ff452-Z--
--89585f68-A--
[01/Jul/2026:06:54:34.021850 +0000] akS5qlNGiALgk1Z2KQL8vgAAAEA 104.23.239.64 52584 172.26.37.160 7081
--89585f68-B--
GET /.env.base HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.239.64
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003edf7f6a5-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--89585f68-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--89585f68-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.base"] [unique_id "akS5qlNGiALgk1Z2KQL8vgAAAEA"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874017445 4484 (- - -)
Stopwatch2: 1782888874017445 4484; combined=168, p1=129, p2=0, p3=0, p4=0, p5=38, sr=54, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--89585f68-Z--
--98ef9502-A--
[01/Jul/2026:06:54:34.022076 +0000] akS5qqg9V@qHULY3xdhU5wAAAMQ 172.71.131.161 52596 172.26.37.160 7081
--98ef9502-B--
GET /.env HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.131.161
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a14380040b1fa1a7-CDG
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--98ef9502-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--98ef9502-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env"] [unique_id "akS5qqg9V@qHULY3xdhU5wAAAMQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874020193 1987 (- - -)
Stopwatch2: 1782888874020193 1987; combined=650, p1=608, p2=0, p3=0, p4=0, p5=42, sr=58, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--98ef9502-Z--
--38d1fc43-A--
[01/Jul/2026:06:54:34.024186 +0000] akS5qqg9V@qHULY3xdhU6AAAAMI 172.70.246.244 52612 172.26.37.160 7081
--38d1fc43-B--
GET /.env.backup HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.246.244
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003e8081e4e-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--38d1fc43-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--38d1fc43-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.backup"] [unique_id "akS5qqg9V@qHULY3xdhU6AAAAMI"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874023586 684 (- - -)
Stopwatch2: 1782888874023586 684; combined=260, p1=218, p2=0, p3=0, p4=0, p5=41, sr=133, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--38d1fc43-Z--
--b7a75414-A--
[01/Jul/2026:06:54:34.037701 +0000] akS5qqg9V@qHULY3xdhU6QAAAMA 172.71.148.147 52618 172.26.37.160 7081
--b7a75414-B--
GET /.env.defaults HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.148.147
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003dd0bdb0b-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--b7a75414-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b7a75414-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.defaults"] [unique_id "akS5qqg9V@qHULY3xdhU6QAAAMA"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874036570 1215 (- - -)
Stopwatch2: 1782888874036570 1215; combined=529, p1=145, p2=0, p3=0, p4=0, p5=383, sr=58, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b7a75414-Z--
--45cc7461-A--
[01/Jul/2026:06:54:34.046688 +0000] akS5qqg9V@qHULY3xdhU6gAAAMk 172.71.148.147 52624 172.26.37.160 7081
--45cc7461-B--
GET /.env.ci HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.148.147
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cf-ray: a1438003e9c1dcb1-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--45cc7461-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--45cc7461-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.ci"] [unique_id "akS5qqg9V@qHULY3xdhU6gAAAMk"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874045628 1127 (- - -)
Stopwatch2: 1782888874045628 1127; combined=224, p1=178, p2=0, p3=0, p4=0, p5=46, sr=67, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--45cc7461-Z--
--1c2a6535-A--
[01/Jul/2026:06:54:34.066254 +0000] akS5qqg9V@qHULY3xdhU7AAAAMg 172.69.223.79 52642 172.26.37.160 7081
--1c2a6535-B--
GET /.env.development HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.223.79
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0
accept-encoding: gzip, br
accept: */*
cf-ray: a14380042bd69edc-CDG
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--1c2a6535-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1c2a6535-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.development"] [unique_id "akS5qqg9V@qHULY3xdhU7AAAAMg"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874065496 827 (- - -)
Stopwatch2: 1782888874065496 827; combined=229, p1=154, p2=0, p3=0, p4=0, p5=75, sr=58, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1c2a6535-Z--
--bbf5a141-A--
[01/Jul/2026:06:54:34.786637 +0000] akS5qqg9V@qHULY3xdhU6wAAANM 172.70.243.14 52636 172.26.37.160 7081
--bbf5a141-B--
GET /.env.coolify HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.243.14
X-Forwarded-For: 167.86.80.238
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
accept-encoding: gzip, br
accept: */*
cf-ray: a14380040a009261-FRA
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.86.80.238
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
--bbf5a141-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bbf5a141-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.env.coolify"] [unique_id "akS5qqg9V@qHULY3xdhU6wAAANM"]
Action: Intercepted (phase 1)
Stopwatch: 1782888874052573 734140 (- - -)
Stopwatch2: 1782888874052573 734140; combined=1465819, p1=160, p2=0, p3=0, p4=0, p5=732858, sr=59, sw=0, l=0, gc=732801
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bbf5a141-Z--
--521e6b61-A--
[01/Jul/2026:06:54:54.977573 +0000] akS5vlNGiALgk1Z2KQL8wQAAAFc 2.50.175.79 41518 172.26.37.160 7081
--521e6b61-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--521e6b61-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--521e6b61-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS5vlNGiALgk1Z2KQL8wQAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782888894973961 3669 (- - -)
Stopwatch2: 1782888894973961 3669; combined=2336, p1=335, p2=1801, p3=0, p4=0, p5=133, sr=75, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--521e6b61-Z--
--bd405a25-A--
[01/Jul/2026:06:55:05.580842 +0000] akS5yag9V@qHULY3xdhU9AAAANc 2.50.175.79 39002 172.26.37.160 7081
--bd405a25-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--bd405a25-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bd405a25-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS5yag9V@qHULY3xdhU9AAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782888905575996 4920 (- - -)
Stopwatch2: 1782888905575996 4920; combined=1499, p1=333, p2=972, p3=0, p4=0, p5=126, sr=77, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bd405a25-Z--
--ecb61c46-A--
[01/Jul/2026:06:55:58.760696 +0000] akS5-qg9V@qHULY3xdhVBQAAAMU 2.50.175.79 41480 172.26.37.160 7081
--ecb61c46-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ecb61c46-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ecb61c46-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS5-qg9V@qHULY3xdhVBQAAAMU"]
Action: Intercepted (phase 2)
Stopwatch: 1782888958757440 3318 (- - -)
Stopwatch2: 1782888958757440 3318; combined=1905, p1=737, p2=988, p3=0, p4=0, p5=119, sr=86, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ecb61c46-Z--
--08e1817b-A--
[01/Jul/2026:06:56:09.435055 +0000] akS6Cag9V@qHULY3xdhVBwAAANM 2.50.175.79 53732 172.26.37.160 7081
--08e1817b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--08e1817b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--08e1817b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS6Cag9V@qHULY3xdhVBwAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782888969431498 3613 (- - -)
Stopwatch2: 1782888969431498 3613; combined=2377, p1=840, p2=1369, p3=0, p4=0, p5=109, sr=600, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--08e1817b-Z--
--fdb39e16-A--
[01/Jul/2026:06:57:14.889840 +0000] akS6SlNGiALgk1Z2KQL86QAAAFY 87.106.77.124 52778 172.26.37.160 7081
--fdb39e16-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 87.106.77.124
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://preemptivestrategies.hk/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0
--fdb39e16-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fdb39e16-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akS6SlNGiALgk1Z2KQL86QAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782889034887670 2231 (- - -)
Stopwatch2: 1782889034887670 2231; combined=803, p1=289, p2=464, p3=0, p4=0, p5=50, sr=71, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fdb39e16-Z--
--6fc5ac43-A--
[01/Jul/2026:06:57:34.503484 +0000] akS6Xqg9V@qHULY3xdhVGgAAAMo 2.50.175.79 46302 172.26.37.160 7081
--6fc5ac43-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--6fc5ac43-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6fc5ac43-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS6Xqg9V@qHULY3xdhVGgAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782889054499897 3649 (- - -)
Stopwatch2: 1782889054499897 3649; combined=1973, p1=334, p2=1470, p3=0, p4=0, p5=111, sr=69, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6fc5ac43-Z--
--3ab3373e-A--
[01/Jul/2026:06:58:06.507377 +0000] akS6fqg9V@qHULY3xdhVIAAAANM 2.50.175.79 34326 172.26.37.160 7081
--3ab3373e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--3ab3373e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3ab3373e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS6fqg9V@qHULY3xdhVIAAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782889086503662 3776 (- - -)
Stopwatch2: 1782889086503662 3776; combined=2348, p1=353, p2=1784, p3=0, p4=0, p5=138, sr=92, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3ab3373e-Z--
--f60a4b11-A--
[01/Jul/2026:06:58:15.587870 +0000] akS6h6g9V@qHULY3xdhVIwAAAME 142.93.127.245 49418 172.26.37.160 7080
--f60a4b11-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--f60a4b11-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--f60a4b11-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akS6h6g9V@qHULY3xdhVIwAAAME"]
Action: Intercepted (phase 1)
Stopwatch: 1782889095587330 579 (- - -)
Stopwatch2: 1782889095587330 579; combined=269, p1=218, p2=0, p3=0, p4=0, p5=51, sr=105, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f60a4b11-Z--
--6c580026-A--
[01/Jul/2026:06:58:18.765597 +0000] akS6iqg9V@qHULY3xdhVJQAAANY 142.93.127.245 36452 172.26.37.160 7081
--6c580026-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--6c580026-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--6c580026-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akS6iqg9V@qHULY3xdhVJQAAANY"]
Action: Intercepted (phase 1)
Stopwatch: 1782889098764900 749 (- - -)
Stopwatch2: 1782889098764900 749; combined=262, p1=196, p2=0, p3=0, p4=0, p5=65, sr=75, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6c580026-Z--
--89162945-A--
[01/Jul/2026:06:58:21.428229 +0000] akS6jag9V@qHULY3xdhVJwAAAMo 172.68.225.64 36490 172.26.37.160 7081
--89162945-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.225.64
X-Forwarded-For: 113.160.142.119
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW4xMjM0NUA=
accept: application/json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0
accept-encoding: gzip, br
cf-ray: a143859328988553-HKG
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 113.160.142.119
cf-ipcountry: VN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--89162945-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--89162945-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akS6jag9V@qHULY3xdhVJwAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782889101426094 2214 (- - -)
Stopwatch2: 1782889101426094 2214; combined=954, p1=292, p2=612, p3=0, p4=0, p5=49, sr=84, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--89162945-Z--
--95493156-A--
[01/Jul/2026:06:58:38.458642 +0000] akS6nrAM1NZ4Hek69xy83gAAAAE 2.50.175.79 40676 172.26.37.160 7081
--95493156-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--95493156-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--95493156-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS6nrAM1NZ4Hek69xy83gAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782889118455763 2935 (- - -)
Stopwatch2: 1782889118455763 2935; combined=1519, p1=346, p2=974, p3=0, p4=0, p5=134, sr=77, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--95493156-Z--
--5498ca3d-A--
[01/Jul/2026:07:00:03.766193 +0000] akS686g9V@qHULY3xdhVUAAAANE 2.50.175.79 52444 172.26.37.160 7081
--5498ca3d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5498ca3d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5498ca3d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS686g9V@qHULY3xdhVUAAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782889203736420 30808 (- - -)
Stopwatch2: 1782889203736420 30808; combined=2193, p1=406, p2=1530, p3=0, p4=0, p5=175, sr=77, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5498ca3d-Z--
--08a00a0f-A--
[01/Jul/2026:07:00:40.090081 +0000] akS7GFNGiALgk1Z2KQL9GAAAAFI 102.220.160.176 38892 172.26.37.160 7081
--08a00a0f-B--
GET /.env HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 102.220.160.176
X-Accel-Internal: /internal-nginx-static-location
referer: http://sunchongfung.com:80/.env
accept-encoding: gzip
user-agent: Go-http-client/2.0
--08a00a0f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--08a00a0f-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env"] [unique_id "akS7GFNGiALgk1Z2KQL9GAAAAFI"]
Action: Intercepted (phase 1)
Stopwatch: 1782889240088825 1327 (- - -)
Stopwatch2: 1782889240088825 1327; combined=718, p1=669, p2=0, p3=0, p4=0, p5=49, sr=85, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--08a00a0f-Z--
--5e374338-A--
[01/Jul/2026:07:00:40.317364 +0000] akS7GLAM1NZ4Hek69xy88gAAAAk 102.220.160.176 38902 172.26.37.160 7081
--5e374338-B--
GET /.env HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 102.220.160.176
X-Accel-Internal: /internal-nginx-static-location
referer: https://sunchongfung.com:443/.env
accept-encoding: gzip
user-agent: Go-http-client/2.0
--5e374338-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5e374338-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env"] [unique_id "akS7GLAM1NZ4Hek69xy88gAAAAk"]
Action: Intercepted (phase 1)
Stopwatch: 1782889240316577 852 (- - -)
Stopwatch2: 1782889240316577 852; combined=238, p1=188, p2=0, p3=0, p4=0, p5=49, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5e374338-Z--
--8f92dc4f-A--
[01/Jul/2026:07:00:41.360110 +0000] akS7Gag9V@qHULY3xdhVWgAAANY 102.220.160.176 38924 172.26.37.160 7081
--8f92dc4f-B--
GET /.git/HEAD HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 102.220.160.176
X-Accel-Internal: /internal-nginx-static-location
referer: http://sunchongfung.com:80/.git/HEAD
accept-encoding: gzip
user-agent: Go-http-client/2.0
--8f92dc4f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8f92dc4f-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.git/HEAD"] [unique_id "akS7Gag9V@qHULY3xdhVWgAAANY"]
Action: Intercepted (phase 1)
Stopwatch: 1782889241359225 951 (- - -)
Stopwatch2: 1782889241359225 951; combined=247, p1=192, p2=0, p3=0, p4=0, p5=55, sr=70, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8f92dc4f-Z--
--5afad74b-A--
[01/Jul/2026:07:00:41.887836 +0000] akS7GVNGiALgk1Z2KQL9GQAAAEY 102.220.160.176 38930 172.26.37.160 7081
--5afad74b-B--
GET /.git/HEAD HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 102.220.160.176
X-Accel-Internal: /internal-nginx-static-location
referer: https://sunchongfung.com:443/.git/HEAD
accept-encoding: gzip
user-agent: Go-http-client/2.0
--5afad74b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5afad74b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.git/HEAD"] [unique_id "akS7GVNGiALgk1Z2KQL9GQAAAEY"]
Action: Intercepted (phase 1)
Stopwatch: 1782889241887104 798 (- - -)
Stopwatch2: 1782889241887104 798; combined=232, p1=179, p2=0, p3=0, p4=0, p5=53, sr=72, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5afad74b-Z--
--b4b29c6a-A--
[01/Jul/2026:07:00:45.421039 +0000] akS7HbAM1NZ4Hek69xy88wAAABg 74.82.47.4 37532 172.26.37.160 7081
--b4b29c6a-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 74.82.47.4
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0
Accept: */*
Accept-Encoding: gzip
--b4b29c6a-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--b4b29c6a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akS7HbAM1NZ4Hek69xy88wAAABg"]
Action: Intercepted (phase 1)
Stopwatch: 1782889245420524 553 (- - -)
Stopwatch2: 1782889245420524 553; combined=233, p1=183, p2=0, p3=0, p4=0, p5=50, sr=72, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b4b29c6a-Z--
--134c6f42-A--
[01/Jul/2026:07:01:18.384280 +0000] akS7Pqg9V@qHULY3xdhVYgAAAM0 2.50.175.79 33812 172.26.37.160 7081
--134c6f42-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--134c6f42-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--134c6f42-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS7Pqg9V@qHULY3xdhVYgAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782889278380984 3358 (- - -)
Stopwatch2: 1782889278380984 3358; combined=1917, p1=361, p2=1358, p3=0, p4=0, p5=133, sr=78, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--134c6f42-Z--
--ed819527-A--
[01/Jul/2026:07:01:29.119856 +0000] akS7SbAM1NZ4Hek69xy9AgAAAAM 2.50.175.79 42524 172.26.37.160 7081
--ed819527-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--ed819527-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ed819527-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS7SbAM1NZ4Hek69xy9AgAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782889289114499 5429 (- - -)
Stopwatch2: 1782889289114499 5429; combined=1578, p1=336, p2=1039, p3=0, p4=0, p5=136, sr=74, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ed819527-Z--
--a0630142-A--
[01/Jul/2026:07:02:22.464252 +0000] akS7flNGiALgk1Z2KQL9UgAAAEY 2.50.175.79 41800 172.26.37.160 7081
--a0630142-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a0630142-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a0630142-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS7flNGiALgk1Z2KQL9UgAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782889342460012 4408 (- - -)
Stopwatch2: 1782889342460012 4408; combined=1434, p1=312, p2=914, p3=0, p4=0, p5=138, sr=76, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a0630142-Z--
--2864dc52-A--
[01/Jul/2026:07:02:54.308549 +0000] akS7nrAM1NZ4Hek69xy9RgAAAAk 2.50.175.79 33530 172.26.37.160 7081
--2864dc52-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2864dc52-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2864dc52-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS7nrAM1NZ4Hek69xy9RgAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782889374305653 2957 (- - -)
Stopwatch2: 1782889374305653 2957; combined=1576, p1=345, p2=1003, p3=0, p4=0, p5=144, sr=77, sw=84, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2864dc52-Z--
--596e9b4b-A--
[01/Jul/2026:07:03:58.109982 +0000] akS73qg9V@qHULY3xdhV3AAAAMo 2.50.175.79 44158 172.26.37.160 7081
--596e9b4b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--596e9b4b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--596e9b4b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS73qg9V@qHULY3xdhV3AAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782889438107114 2925 (- - -)
Stopwatch2: 1782889438107114 2925; combined=1526, p1=335, p2=993, p3=0, p4=0, p5=133, sr=81, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--596e9b4b-Z--
--a4536d14-A--
[01/Jul/2026:07:04:41.014094 +0000] akS8CbAM1NZ4Hek69xy9YQAAAAw 2.50.175.79 51372 172.26.37.160 7081
--a4536d14-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a4536d14-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a4536d14-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS8CbAM1NZ4Hek69xy9YQAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782889481011331 2861 (- - -)
Stopwatch2: 1782889481011331 2861; combined=1568, p1=347, p2=997, p3=0, p4=0, p5=146, sr=105, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a4536d14-Z--
--41f09c6e-A--
[01/Jul/2026:07:05:12.921281 +0000] akS8KKg9V@qHULY3xdhV9wAAAMc 2.50.175.79 46504 172.26.37.160 7081
--41f09c6e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--41f09c6e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--41f09c6e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akS8KKg9V@qHULY3xdhV9wAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782889512917670 3673 (- - -)
Stopwatch2: 1782889512917670 3673; combined=2014, p1=347, p2=1489, p3=0, p4=0, p5=117, sr=68, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--41f09c6e-Z--
--9ef6c044-A--
[01/Jul/2026:07:26:20.281681 +0000] akTBHKg9V@qHULY3xdhZBAAAANE 88.99.103.29 50914 172.26.37.160 7081
--9ef6c044-B--
GET /robots.txt HTTP/1.1
Host: eonhk.com
X-Real-IP: 88.99.103.29
X-Accel-Internal: /internal-nginx-static-location
Accept-Language: en-us,en-gb,en;q=0.7,*;q=0.3
Accept-Charset: utf-8,iso-8859-1;q=0.7,*;q=0.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: x-gzip, gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36/Nutch-1.21-SNAPSHOT
Proxy-Connection: Keep-Alive
--9ef6c044-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9ef6c044-H--
Message: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||eonhk.com|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||eonhk.com|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "eonhk.com"] [uri "/robots.txt"] [unique_id "akTBHKg9V@qHULY3xdhZBAAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782890780279792 1950 (- - -)
Stopwatch2: 1782890780279792 1950; combined=843, p1=465, p2=328, p3=0, p4=0, p5=48, sr=245, sw=2, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9ef6c044-Z--
--a797e577-A--
[01/Jul/2026:07:27:32.420799 +0000] akTBZFNGiALgk1Z2KQIA6AAAAFY 43.131.1.149 38392 172.26.37.160 7081
--a797e577-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: eonhk.com
X-Real-IP: 43.131.1.149
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic ZW9uaGs6ZW9uaGsyMDEz
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0
--a797e577-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a797e577-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eonhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTBZFNGiALgk1Z2KQIA6AAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782890852417960 2901 (- - -)
Stopwatch2: 1782890852417960 2901; combined=1740, p1=309, p2=1377, p3=0, p4=0, p5=53, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a797e577-Z--
--efcce948-A--
[01/Jul/2026:07:31:56.186440 +0000] akTCbKg9V@qHULY3xdhZdgAAAMY 180.211.113.210 41726 172.26.37.160 7081
--efcce948-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: avmhk.com
X-Real-IP: 180.211.113.210
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US,en-IN;q=0.8,en;q=0.5,gu;q=0.2
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
--efcce948-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--efcce948-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTCbKg9V@qHULY3xdhZdgAAAMY"]
Action: Intercepted (phase 2)
Stopwatch: 1782891116182354 5969 (- - -)
Stopwatch2: 1782891116182354 5969; combined=1278, p1=313, p2=893, p3=0, p4=0, p5=72, sr=94, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--efcce948-Z--
--9261af58-A--
[01/Jul/2026:07:42:52.227281 +0000] akTE-LAM1NZ4Hek69xzCVgAAAAM 142.93.127.245 51132 172.26.37.160 7080
--9261af58-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--9261af58-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--9261af58-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akTE-LAM1NZ4Hek69xzCVgAAAAM"]
Action: Intercepted (phase 1)
Stopwatch: 1782891772226745 610 (- - -)
Stopwatch2: 1782891772226745 610; combined=246, p1=198, p2=0, p3=0, p4=0, p5=48, sr=85, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9261af58-Z--
--73e7441a-A--
[01/Jul/2026:07:42:55.016699 +0000] akTE-05ZukFkf9XpqInZHgAAAIM 142.93.127.245 54490 172.26.37.160 7081
--73e7441a-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--73e7441a-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--73e7441a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akTE-05ZukFkf9XpqInZHgAAAIM"]
Action: Intercepted (phase 1)
Stopwatch: 1782891775016202 537 (- - -)
Stopwatch2: 1782891775016202 537; combined=242, p1=189, p2=0, p3=0, p4=0, p5=52, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--73e7441a-Z--
--60f8fa74-A--
[01/Jul/2026:08:00:08.865322 +0000] akTJCLAM1NZ4Hek69xzDygAAAA0 103.154.176.224 51758 172.26.37.160 7081
--60f8fa74-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: eonhk.com
X-Real-IP: 103.154.176.224
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic ZW9uaGs6RW9uaGsyNQ==
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--60f8fa74-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--60f8fa74-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eonhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTJCLAM1NZ4Hek69xzDygAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782892808860096 5984 (- - -)
Stopwatch2: 1782892808860096 5984; combined=1029, p1=392, p2=557, p3=0, p4=0, p5=79, sr=92, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--60f8fa74-Z--
--47fccc3c-A--
[01/Jul/2026:08:00:18.586293 +0000] akTJErAM1NZ4Hek69xzDzwAAAAg 31.59.20.154 56728 172.26.37.160 7081
--47fccc3c-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 31.59.20.154
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--47fccc3c-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--47fccc3c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akTJErAM1NZ4Hek69xzDzwAAAAg"]
Action: Intercepted (phase 1)
Stopwatch: 1782892818585745 594 (- - -)
Stopwatch2: 1782892818585745 594; combined=257, p1=203, p2=0, p3=0, p4=0, p5=53, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--47fccc3c-Z--
--dd4ce33a-A--
[01/Jul/2026:08:02:14.982594 +0000] akTJhlNGiALgk1Z2KQIDmAAAAEQ 162.158.244.139 33774 172.26.37.160 7081
--dd4ce33a-B--
GET /.git/config HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.244.139
X-Forwarded-For: 2602:fa59:10:e70::1
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
cf-ray: a143e328adf2f4f2-LAS
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2602:fa59:10:e70::1
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
--dd4ce33a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dd4ce33a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.git/config"] [unique_id "akTJhlNGiALgk1Z2KQIDmAAAAEQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782892934981902 759 (- - -)
Stopwatch2: 1782892934981902 759; combined=225, p1=175, p2=0, p3=0, p4=0, p5=50, sr=69, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dd4ce33a-Z--
--a9566556-A--
[01/Jul/2026:08:11:48.804453 +0000] akTLxE5ZukFkf9XpqIndFAAAAIg 14.194.173.98 57750 172.26.37.160 7081
--a9566556-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--a9566556-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a9566556-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTLxE5ZukFkf9XpqIndFAAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782893508800419 4095 (- - -)
Stopwatch2: 1782893508800419 4095; combined=2188, p1=344, p2=1654, p3=0, p4=0, p5=127, sr=74, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a9566556-Z--
--93293c1a-A--
[01/Jul/2026:08:13:36.292158 +0000] akTMMLAM1NZ4Hek69xzHagAAAAM 14.194.173.98 41640 172.26.37.160 7081
--93293c1a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--93293c1a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--93293c1a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTMMLAM1NZ4Hek69xzHagAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782893616288804 3415 (- - -)
Stopwatch2: 1782893616288804 3415; combined=1575, p1=337, p2=1059, p3=0, p4=0, p5=117, sr=79, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--93293c1a-Z--
--8b610335-A--
[01/Jul/2026:08:13:47.172582 +0000] akTMO05ZukFkf9XpqIndYgAAAI8 14.194.173.98 43370 172.26.37.160 7081
--8b610335-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--8b610335-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8b610335-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTMO05ZukFkf9XpqIndYgAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782893627169821 2822 (- - -)
Stopwatch2: 1782893627169821 2822; combined=1499, p1=354, p2=972, p3=0, p4=0, p5=112, sr=79, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8b610335-Z--
--1e3bdf08-A--
[01/Jul/2026:08:15:02.100428 +0000] akTMhtXDG6AyyG2HW2QB1wAAAMI 14.194.173.98 41640 172.26.37.160 7081
--1e3bdf08-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--1e3bdf08-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1e3bdf08-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTMhtXDG6AyyG2HW2QB1wAAAMI"]
Action: Intercepted (phase 2)
Stopwatch: 1782893702097642 2848 (- - -)
Stopwatch2: 1782893702097642 2848; combined=1504, p1=336, p2=985, p3=0, p4=0, p5=117, sr=77, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1e3bdf08-Z--
--8e871f6f-A--
[01/Jul/2026:08:15:12.817436 +0000] akTMkNXDG6AyyG2HW2QB5AAAAMA 14.194.173.98 37138 172.26.37.160 7081
--8e871f6f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--8e871f6f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8e871f6f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTMkNXDG6AyyG2HW2QB5AAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782893712814400 3095 (- - -)
Stopwatch2: 1782893712814400 3095; combined=1852, p1=636, p2=1048, p3=0, p4=0, p5=109, sr=84, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8e871f6f-Z--
--009c8737-A--
[01/Jul/2026:08:16:17.816456 +0000] akTM0dXDG6AyyG2HW2QB7wAAANc 124.247.193.157 54042 172.26.37.160 7081
--009c8737-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--009c8737-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--009c8737-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTM0dXDG6AyyG2HW2QB7wAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782893777810098 9908 (- - -)
Stopwatch2: 1782893777810098 9908; combined=2878, p1=309, p2=2325, p3=0, p4=0, p5=164, sr=67, sw=80, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--009c8737-Z--
--2663a277-A--
[01/Jul/2026:08:17:01.078061 +0000] akTM-bAM1NZ4Hek69xzHpQAAAAE 124.247.193.157 47272 172.26.37.160 7081
--2663a277-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--2663a277-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2663a277-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTM-bAM1NZ4Hek69xzHpQAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782893821074675 3448 (- - -)
Stopwatch2: 1782893821074675 3448; combined=1588, p1=361, p2=1026, p3=0, p4=0, p5=132, sr=112, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2663a277-Z--
--4bcb8208-A--
[01/Jul/2026:08:17:44.265856 +0000] akTNKNXDG6AyyG2HW2QCCAAAANc 124.247.193.157 37226 172.26.37.160 7081
--4bcb8208-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 699
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--4bcb8208-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4bcb8208-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTNKNXDG6AyyG2HW2QCCAAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782893864262289 3628 (- - -)
Stopwatch2: 1782893864262289 3628; combined=2380, p1=345, p2=1855, p3=0, p4=0, p5=118, sr=77, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4bcb8208-Z--
--874abd33-A--
[01/Jul/2026:08:18:47.992673 +0000] akTNZ05ZukFkf9XpqIndlAAAAIg 122.178.167.152 45020 172.26.37.160 7081
--874abd33-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--874abd33-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--874abd33-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTNZ05ZukFkf9XpqIndlAAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782893927989506 3227 (- - -)
Stopwatch2: 1782893927989506 3227; combined=1856, p1=342, p2=1333, p3=0, p4=0, p5=118, sr=97, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--874abd33-Z--
--1681866a-A--
[01/Jul/2026:08:19:32.336446 +0000] akTNlNXDG6AyyG2HW2QCKAAAAM8 124.247.193.157 51250 172.26.37.160 7081
--1681866a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--1681866a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1681866a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTNlNXDG6AyyG2HW2QCKAAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782893972333873 2635 (- - -)
Stopwatch2: 1782893972333873 2635; combined=1444, p1=339, p2=939, p3=0, p4=0, p5=108, sr=96, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1681866a-Z--
--f1f6c11a-A--
[01/Jul/2026:08:19:53.811637 +0000] akTNqdXDG6AyyG2HW2QCLAAAANA 124.247.193.157 36666 172.26.37.160 7081
--f1f6c11a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--f1f6c11a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f1f6c11a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTNqdXDG6AyyG2HW2QCLAAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782893993806250 5441 (- - -)
Stopwatch2: 1782893993806250 5441; combined=3022, p1=1842, p2=1015, p3=0, p4=0, p5=107, sr=91, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f1f6c11a-Z--
--4427e11a-A--
[01/Jul/2026:08:20:12.819317 +0000] akTNvNXDG6AyyG2HW2QCLwAAANU 122.178.167.152 36430 172.26.37.160 7081
--4427e11a-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--4427e11a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4427e11a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTNvNXDG6AyyG2HW2QCLwAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782894012815769 3638 (- - -)
Stopwatch2: 1782894012815769 3638; combined=2277, p1=343, p2=1755, p3=0, p4=0, p5=116, sr=82, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4427e11a-Z--
--e7a7455f-A--
[01/Jul/2026:08:20:58.615773 +0000] akTN6rAM1NZ4Hek69xzH6QAAAAQ 124.247.193.157 37196 172.26.37.160 7081
--e7a7455f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--e7a7455f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e7a7455f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTN6rAM1NZ4Hek69xzH6QAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782894058611888 3942 (- - -)
Stopwatch2: 1782894058611888 3942; combined=1988, p1=324, p2=1454, p3=0, p4=0, p5=139, sr=79, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e7a7455f-Z--
--c0e78507-A--
[01/Jul/2026:08:21:20.188346 +0000] akTOALAM1NZ4Hek69xzH9gAAAAc 124.247.193.157 57532 172.26.37.160 7081
--c0e78507-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--c0e78507-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c0e78507-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTOALAM1NZ4Hek69xzH9gAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782894080184836 3566 (- - -)
Stopwatch2: 1782894080184836 3566; combined=2388, p1=331, p2=1871, p3=0, p4=0, p5=122, sr=82, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c0e78507-Z--
--c58eb611-A--
[01/Jul/2026:08:21:26.327614 +0000] akTOBrAM1NZ4Hek69xzH@gAAAAM 122.178.167.152 56340 172.26.37.160 7081
--c58eb611-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c58eb611-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c58eb611-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTOBrAM1NZ4Hek69xzH@gAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894086325102 2571 (- - -)
Stopwatch2: 1782894086325102 2571; combined=1413, p1=303, p2=950, p3=0, p4=0, p5=105, sr=66, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c58eb611-Z--
--234b6a23-A--
[01/Jul/2026:08:21:36.810851 +0000] akTOELAM1NZ4Hek69xzH-AAAABM 122.178.167.152 43148 172.26.37.160 7081
--234b6a23-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--234b6a23-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--234b6a23-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTOELAM1NZ4Hek69xzH-AAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894096807639 3268 (- - -)
Stopwatch2: 1782894096807639 3268; combined=1521, p1=342, p2=990, p3=0, p4=0, p5=127, sr=78, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--234b6a23-Z--
--bf39786e-A--
[01/Jul/2026:08:22:03.776726 +0000] akTOK05ZukFkf9XpqIndsAAAAIw 124.247.193.157 44562 172.26.37.160 7081
--bf39786e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 124.247.193.157
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--bf39786e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bf39786e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 124.247.193.157 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTOK05ZukFkf9XpqIndsAAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782894123772422 4393 (- - -)
Stopwatch2: 1782894123772422 4393; combined=2746, p1=1263, p2=1304, p3=0, p4=0, p5=115, sr=966, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bf39786e-Z--
--ddb8227f-A--
[01/Jul/2026:08:22:40.083383 +0000] akTOUE5ZukFkf9XpqIndswAAAIk 122.178.167.152 42490 172.26.37.160 7081
--ddb8227f-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ddb8227f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ddb8227f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTOUE5ZukFkf9XpqIndswAAAIk"]
Action: Intercepted (phase 2)
Stopwatch: 1782894160080233 3206 (- - -)
Stopwatch2: 1782894160080233 3206; combined=1513, p1=365, p2=966, p3=0, p4=0, p5=118, sr=80, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ddb8227f-Z--
--7a67156c-A--
[01/Jul/2026:08:22:47.208331 +0000] akTOV7AM1NZ4Hek69xzIFwAAABg 14.194.173.98 45324 172.26.37.160 7081
--7a67156c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--7a67156c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7a67156c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTOV7AM1NZ4Hek69xzIFwAAABg"]
Action: Intercepted (phase 2)
Stopwatch: 1782894167203754 4637 (- - -)
Stopwatch2: 1782894167203754 4637; combined=2955, p1=1025, p2=1013, p3=0, p4=0, p5=844, sr=78, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7a67156c-Z--
--920c9510-A--
[01/Jul/2026:08:22:53.084241 +0000] akTOXdXDG6AyyG2HW2QCXAAAAMw 172.71.122.230 45452 172.26.37.160 7081
--920c9510-B--
GET //wp-json/wp/v2/users/ HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 172.71.122.230
X-Forwarded-For: 85.204.70.106
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14401653e622a3e-CDG
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 85.204.70.106
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
cookie: PHPSESSID=gr186rkj9d444tbe1b98r7pqnp
--920c9510-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--920c9510-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.airvenushk.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akTOXdXDG6AyyG2HW2QCXAAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782894173081326 2989 (- - -)
Stopwatch2: 1782894173081326 2989; combined=1124, p1=360, p2=706, p3=0, p4=0, p5=57, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--920c9510-Z--
--d23cc507-A--
[01/Jul/2026:08:22:55.855642 +0000] akTOX9XDG6AyyG2HW2QCXgAAAMM 172.71.122.230 56172 172.26.37.160 7081
--d23cc507-B--
POST //xmlrpc.php HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 172.71.122.230
X-Forwarded-For: 85.204.70.106
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 484
accept-encoding: gzip, br
content-type: application/xml
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
cf-ray: a14401769a222a3e-CDG
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 85.204.70.106
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
cookie: PHPSESSID=gr186rkj9d444tbe1b98r7pqnp
--d23cc507-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d23cc507-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 85.204.70.106 (+1 hits since last alert)|www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 85.204.70.106 (+1 hits since last alert)|www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akTOX9XDG6AyyG2HW2QCXgAAAMM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894175850928 8769 (- - -)
Stopwatch2: 1782894175850928 8769; combined=3031, p1=334, p2=1766, p3=0, p4=0, p5=866, sr=79, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d23cc507-Z--
--0bd65b1a-A--
[01/Jul/2026:08:23:22.393170 +0000] akTOek5ZukFkf9XpqInd0wAAAIs 122.178.167.152 45792 172.26.37.160 7081
--0bd65b1a-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0bd65b1a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0bd65b1a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTOek5ZukFkf9XpqInd0wAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782894202388209 7356 (- - -)
Stopwatch2: 1782894202388209 7356; combined=1937, p1=307, p2=1446, p3=0, p4=0, p5=122, sr=71, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0bd65b1a-Z--
--5e7b823a-A--
[01/Jul/2026:08:23:43.363567 +0000] akTOj9XDG6AyyG2HW2QCeQAAANM 122.178.167.152 60210 172.26.37.160 7081
--5e7b823a-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5e7b823a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5e7b823a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTOj9XDG6AyyG2HW2QCeQAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894223359842 3801 (- - -)
Stopwatch2: 1782894223359842 3801; combined=1497, p1=326, p2=983, p3=0, p4=0, p5=127, sr=73, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5e7b823a-Z--
--4b923525-A--
[01/Jul/2026:08:24:03.031547 +0000] akTOo05ZukFkf9XpqInd2wAAAJg 14.194.173.98 46936 172.26.37.160 7081
--4b923525-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--4b923525-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4b923525-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTOo05ZukFkf9XpqInd2wAAAJg"]
Action: Intercepted (phase 2)
Stopwatch: 1782894243028171 3432 (- - -)
Stopwatch2: 1782894243028171 3432; combined=2131, p1=515, p2=1438, p3=0, p4=0, p5=116, sr=256, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4b923525-Z--
--7fec2f04-A--
[01/Jul/2026:08:24:14.580221 +0000] akTOrdXDG6AyyG2HW2QCfwAAAMs 14.194.173.98 40156 172.26.37.160 7081
--7fec2f04-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--7fec2f04-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7fec2f04-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTOrdXDG6AyyG2HW2QCfwAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782894253936471 645389 (- - -)
Stopwatch2: 1782894253936471 645389; combined=1280216, p1=438, p2=1434, p3=0, p4=0, p5=639202, sr=72, sw=639142, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7fec2f04-Z--
--69784031-A--
[01/Jul/2026:08:24:46.999882 +0000] akTOztXDG6AyyG2HW2QCgwAAANE 122.178.167.152 42338 172.26.37.160 7081
--69784031-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--69784031-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--69784031-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTOztXDG6AyyG2HW2QCgwAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782894286996048 3897 (- - -)
Stopwatch2: 1782894286996048 3897; combined=2487, p1=905, p2=1401, p3=0, p4=0, p5=120, sr=78, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--69784031-Z--
--892e6952-A--
[01/Jul/2026:08:24:57.467642 +0000] akTO2bAM1NZ4Hek69xzISQAAAAY 122.178.167.152 50200 172.26.37.160 7081
--892e6952-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--892e6952-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--892e6952-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTO2bAM1NZ4Hek69xzISQAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782894297463968 3737 (- - -)
Stopwatch2: 1782894297463968 3737; combined=1933, p1=311, p2=1441, p3=0, p4=0, p5=121, sr=78, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--892e6952-Z--
--56de4f06-A--
[01/Jul/2026:08:25:18.471792 +0000] akTO7tXDG6AyyG2HW2QCkgAAANM 14.194.173.98 35652 172.26.37.160 7081
--56de4f06-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--56de4f06-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--56de4f06-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTO7tXDG6AyyG2HW2QCkgAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894318468503 3353 (- - -)
Stopwatch2: 1782894318468503 3353; combined=1950, p1=374, p2=1378, p3=0, p4=0, p5=134, sr=86, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--56de4f06-Z--
--b6d00773-A--
[01/Jul/2026:08:25:59.072450 +0000] akTPF9XDG6AyyG2HW2QCmQAAAMs 172.71.98.36 44092 172.26.37.160 7081
--b6d00773-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a14405ea3f730b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b6d00773-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b6d00773-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTPF9XDG6AyyG2HW2QCmQAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782894359069777 2761 (- - -)
Stopwatch2: 1782894359069777 2761; combined=1525, p1=315, p2=1047, p3=0, p4=0, p5=108, sr=72, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b6d00773-Z--
--be8c0d30-A--
[01/Jul/2026:08:26:08.476056 +0000] akTPILAM1NZ4Hek69xzIVgAAAAg 172.71.98.36 37940 172.26.37.160 7081
--be8c0d30-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a144062a29f90b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--be8c0d30-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--be8c0d30-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTPILAM1NZ4Hek69xzIVgAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782894368473149 3036 (- - -)
Stopwatch2: 1782894368473149 3036; combined=1657, p1=326, p2=1116, p3=0, p4=0, p5=142, sr=84, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--be8c0d30-Z--
--5795bd4e-A--
[01/Jul/2026:08:26:10.929463 +0000] akTPItXDG6AyyG2HW2QCnAAAAMg 122.178.167.152 37950 172.26.37.160 7081
--5795bd4e-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5795bd4e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5795bd4e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTPItXDG6AyyG2HW2QCnAAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782894370925187 4363 (- - -)
Stopwatch2: 1782894370925187 4363; combined=2932, p1=355, p2=2389, p3=0, p4=0, p5=124, sr=83, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5795bd4e-Z--
--d118d73f-A--
[01/Jul/2026:08:26:23.481443 +0000] akTPL05ZukFkf9XpqInd6gAAAIM 14.194.173.98 49780 172.26.37.160 7081
--d118d73f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--d118d73f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d118d73f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTPL05ZukFkf9XpqInd6gAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894383477342 4158 (- - -)
Stopwatch2: 1782894383477342 4158; combined=2056, p1=346, p2=1520, p3=0, p4=0, p5=127, sr=83, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d118d73f-Z--
--010b0b50-A--
[01/Jul/2026:08:27:14.248422 +0000] akTPYk5ZukFkf9XpqInd8QAAAJc 122.178.167.152 58308 172.26.37.160 7081
--010b0b50-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--010b0b50-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--010b0b50-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTPYk5ZukFkf9XpqInd8QAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782894434245205 3281 (- - -)
Stopwatch2: 1782894434245205 3281; combined=1741, p1=297, p2=1283, p3=0, p4=0, p5=107, sr=61, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--010b0b50-Z--
--deb3982f-A--
[01/Jul/2026:08:27:17.440446 +0000] akTPZbAM1NZ4Hek69xzIfwAAAAs 14.194.173.98 58588 172.26.37.160 7081
--deb3982f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--deb3982f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--deb3982f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTPZbAM1NZ4Hek69xzIfwAAAAs"]
Action: Intercepted (phase 2)
Stopwatch: 1782894437437051 3477 (- - -)
Stopwatch2: 1782894437437051 3477; combined=1496, p1=352, p2=975, p3=0, p4=0, p5=110, sr=85, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--deb3982f-Z--
--bd611644-A--
[01/Jul/2026:08:27:21.787566 +0000] akTPabAM1NZ4Hek69xzIgAAAAAU 172.71.98.36 58604 172.26.37.160 7081
--bd611644-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a14407f47c740b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--bd611644-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bd611644-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTPabAM1NZ4Hek69xzIgAAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782894441783928 3716 (- - -)
Stopwatch2: 1782894441783928 3716; combined=2526, p1=345, p2=2013, p3=0, p4=0, p5=109, sr=75, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bd611644-Z--
--95380a3c-A--
[01/Jul/2026:08:27:35.190627 +0000] akTPd9XDG6AyyG2HW2QCtgAAAMw 122.178.167.152 49572 172.26.37.160 7081
--95380a3c-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--95380a3c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--95380a3c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTPd9XDG6AyyG2HW2QCtgAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782894455187117 3566 (- - -)
Stopwatch2: 1782894455187117 3566; combined=2382, p1=344, p2=1854, p3=0, p4=0, p5=120, sr=84, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--95380a3c-Z--
--fc716c51-A--
[01/Jul/2026:08:27:39.038041 +0000] akTPe9XDG6AyyG2HW2QCtwAAAM8 14.194.173.98 49584 172.26.37.160 7081
--fc716c51-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--fc716c51-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fc716c51-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTPe9XDG6AyyG2HW2QCtwAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782894459034919 3182 (- - -)
Stopwatch2: 1782894459034919 3182; combined=1508, p1=322, p2=1020, p3=0, p4=0, p5=108, sr=82, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fc716c51-Z--
--4a82bd4a-A--
[01/Jul/2026:08:27:42.758547 +0000] akTPfrAM1NZ4Hek69xzIhAAAAAA 172.71.98.36 49596 172.26.37.160 7081
--4a82bd4a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a144087788ef0b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4a82bd4a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4a82bd4a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTPfrAM1NZ4Hek69xzIhAAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782894462755324 3303 (- - -)
Stopwatch2: 1782894462755324 3303; combined=1972, p1=770, p2=1032, p3=0, p4=0, p5=111, sr=500, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4a82bd4a-Z--
--ed254851-A--
[01/Jul/2026:08:28:28.357017 +0000] akTPrLAM1NZ4Hek69xzIjgAAAAU 122.178.167.152 49930 172.26.37.160 7081
--ed254851-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ed254851-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ed254851-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTPrLAM1NZ4Hek69xzIjgAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782894508353875 3203 (- - -)
Stopwatch2: 1782894508353875 3203; combined=1536, p1=350, p2=951, p3=0, p4=0, p5=149, sr=86, sw=86, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ed254851-Z--
--656abe7f-A--
[01/Jul/2026:08:28:56.783178 +0000] akTPyLAM1NZ4Hek69xzImwAAAAU 172.71.98.36 40674 172.26.37.160 7081
--656abe7f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a1440a462e9c0b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--656abe7f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--656abe7f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTPyLAM1NZ4Hek69xzImwAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782894536779990 3274 (- - -)
Stopwatch2: 1782894536779990 3274; combined=1718, p1=411, p2=1085, p3=0, p4=0, p5=150, sr=79, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--656abe7f-Z--
--34ff1726-A--
[01/Jul/2026:08:29:04.208726 +0000] akTP0E5ZukFkf9XpqIneDAAAAJY 162.158.123.4 33700 172.26.37.160 7081
--34ff1726-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.123.4
X-Forwarded-For: 217.154.185.101
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic c2ltb3R0bzpTaW1vdHRvIw==
accept: application/json
user-agent: Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a1440a72ce70014c-MAD
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 217.154.185.101
cf-ipcountry: ES
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--34ff1726-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--34ff1726-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "simottodesign.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTP0E5ZukFkf9XpqIneDAAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782894544203669 5405 (- - -)
Stopwatch2: 1782894544203669 5405; combined=1552, p1=746, p2=740, p3=0, p4=0, p5=65, sr=76, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--34ff1726-Z--
--2c6f3d14-A--
[01/Jul/2026:08:29:10.339965 +0000] akTP1rAM1NZ4Hek69xzIrQAAABU 122.178.167.152 34012 172.26.37.160 7081
--2c6f3d14-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2c6f3d14-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2c6f3d14-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTP1rAM1NZ4Hek69xzIrQAAABU"]
Action: Intercepted (phase 2)
Stopwatch: 1782894550336689 3332 (- - -)
Stopwatch2: 1782894550336689 3332; combined=2144, p1=890, p2=1080, p3=0, p4=0, p5=114, sr=81, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2c6f3d14-Z--
--862c5550-A--
[01/Jul/2026:08:29:26.621032 +0000] akTP5tXDG6AyyG2HW2QC6QAAANY 14.194.173.98 41822 172.26.37.160 7081
--862c5550-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--862c5550-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--862c5550-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTP5tXDG6AyyG2HW2QC6QAAANY"]
Action: Intercepted (phase 2)
Stopwatch: 1782894566616741 4746 (- - -)
Stopwatch2: 1782894566616741 4746; combined=1575, p1=339, p2=988, p3=0, p4=0, p5=160, sr=68, sw=88, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--862c5550-Z--
--d5807452-A--
[01/Jul/2026:08:29:31.295336 +0000] akTP67AM1NZ4Hek69xzIuAAAAAc 122.178.167.152 41862 172.26.37.160 7081
--d5807452-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d5807452-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d5807452-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTP67AM1NZ4Hek69xzIuAAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782894571290095 5358 (- - -)
Stopwatch2: 1782894571290095 5358; combined=2034, p1=352, p2=1438, p3=0, p4=0, p5=160, sr=74, sw=84, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d5807452-Z--
--ec94e734-A--
[01/Jul/2026:08:29:48.678414 +0000] akTP-LAM1NZ4Hek69xzIvwAAAAE 14.194.173.98 36682 172.26.37.160 7081
--ec94e734-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--ec94e734-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ec94e734-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTP-LAM1NZ4Hek69xzIvwAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782894588674817 3666 (- - -)
Stopwatch2: 1782894588674817 3666; combined=2489, p1=374, p2=1943, p3=0, p4=0, p5=113, sr=76, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ec94e734-Z--
--6561c969-A--
[01/Jul/2026:08:29:50.267825 +0000] akTP-rAM1NZ4Hek69xzIwAAAAA0 172.71.98.36 36688 172.26.37.160 7081
--6561c969-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a1440b947fda0b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6561c969-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6561c969-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTP-rAM1NZ4Hek69xzIwAAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782894590263636 4270 (- - -)
Stopwatch2: 1782894590263636 4270; combined=2029, p1=363, p2=1480, p3=0, p4=0, p5=124, sr=90, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6561c969-Z--
--91a2a038-A--
[01/Jul/2026:08:30:13.427908 +0000] akTQFdXDG6AyyG2HW2QDDgAAAM4 122.178.167.152 45166 172.26.37.160 7081
--91a2a038-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--91a2a038-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--91a2a038-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTQFdXDG6AyyG2HW2QDDgAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782894613423909 4055 (- - -)
Stopwatch2: 1782894613423909 4055; combined=1516, p1=348, p2=959, p3=0, p4=0, p5=138, sr=79, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--91a2a038-Z--
--f870a246-A--
[01/Jul/2026:08:31:12.593152 +0000] akTQUNXDG6AyyG2HW2QDHwAAAM8 172.71.98.36 37176 172.26.37.160 7081
--f870a246-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a1440d96f9d70b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f870a246-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f870a246-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTQUNXDG6AyyG2HW2QDHwAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782894672589918 3313 (- - -)
Stopwatch2: 1782894672589918 3313; combined=2137, p1=946, p2=1029, p3=0, p4=0, p5=105, sr=77, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f870a246-Z--
--a9001272-A--
[01/Jul/2026:08:31:16.014887 +0000] akTQVLAM1NZ4Hek69xzJCAAAABA 14.194.173.98 55494 172.26.37.160 7081
--a9001272-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 699
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--a9001272-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a9001272-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTQVLAM1NZ4Hek69xzJCAAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782894676010846 4257 (- - -)
Stopwatch2: 1782894676010846 4257; combined=2398, p1=400, p2=1826, p3=0, p4=0, p5=111, sr=90, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a9001272-Z--
--c536aa2c-A--
[01/Jul/2026:08:31:26.520400 +0000] akTQXrAM1NZ4Hek69xzJEgAAAAQ 14.194.173.98 37186 172.26.37.160 7081
--c536aa2c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: WordPress.com; https://wordpress.com
--c536aa2c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c536aa2c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTQXrAM1NZ4Hek69xzJEgAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782894686516943 3517 (- - -)
Stopwatch2: 1782894686516943 3517; combined=2276, p1=355, p2=1747, p3=0, p4=0, p5=114, sr=78, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c536aa2c-Z--
--1ce9e367-A--
[01/Jul/2026:08:31:27.452683 +0000] akTQX9XDG6AyyG2HW2QDLwAAAMk 122.178.167.152 37196 172.26.37.160 7081
--1ce9e367-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1ce9e367-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1ce9e367-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTQX9XDG6AyyG2HW2QDLwAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782894687448650 4094 (- - -)
Stopwatch2: 1782894687448650 4094; combined=2570, p1=371, p2=1013, p3=0, p4=0, p5=620, sr=123, sw=566, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1ce9e367-Z--
--5cb2b96f-A--
[01/Jul/2026:08:31:33.516079 +0000] akTQZdXDG6AyyG2HW2QDMAAAAMo 172.71.98.36 37226 172.26.37.160 7081
--5cb2b96f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a1440e19caf00b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5cb2b96f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5cb2b96f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTQZdXDG6AyyG2HW2QDMAAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782894693512772 3387 (- - -)
Stopwatch2: 1782894693512772 3387; combined=1634, p1=337, p2=1115, p3=0, p4=0, p5=121, sr=75, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5cb2b96f-Z--
--5efaa770-A--
[01/Jul/2026:08:32:09.367242 +0000] akTQibAM1NZ4Hek69xzJGwAAABQ 122.178.167.152 34508 172.26.37.160 7081
--5efaa770-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5efaa770-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5efaa770-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTQibAM1NZ4Hek69xzJGwAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782894729364599 3052 (- - -)
Stopwatch2: 1782894729364599 3052; combined=1513, p1=382, p2=963, p3=0, p4=0, p5=110, sr=110, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5efaa770-Z--
--fa605e1e-A--
[01/Jul/2026:08:32:20.557450 +0000] akTQlLAM1NZ4Hek69xzJHwAAAAc 14.194.173.98 34920 172.26.37.160 7081
--fa605e1e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 14.194.173.98
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-IN
User-Agent: Jetpack by WordPress.com
--fa605e1e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fa605e1e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.194.173.98 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTQlLAM1NZ4Hek69xzJHwAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782894740553622 3884 (- - -)
Stopwatch2: 1782894740553622 3884; combined=2246, p1=362, p2=951, p3=0, p4=0, p5=501, sr=102, sw=432, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fa605e1e-Z--
--a6d1e614-A--
[01/Jul/2026:08:32:47.069184 +0000] akTQr7AM1NZ4Hek69xzJKgAAAA0 172.71.98.36 34170 172.26.37.160 7081
--a6d1e614-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a1440fe578dc0b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a6d1e614-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a6d1e614-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTQr7AM1NZ4Hek69xzJKgAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782894767065059 4206 (- - -)
Stopwatch2: 1782894767065059 4206; combined=2818, p1=1476, p2=1080, p3=0, p4=0, p5=198, sr=83, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a6d1e614-Z--
--84491531-A--
[01/Jul/2026:08:32:51.345278 +0000] akTQs7AM1NZ4Hek69xzJKwAAAAk 122.178.167.152 34186 172.26.37.160 7081
--84491531-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--84491531-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--84491531-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTQs7AM1NZ4Hek69xzJKwAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782894771341829 3920 (- - -)
Stopwatch2: 1782894771341829 3920; combined=1541, p1=326, p2=1014, p3=0, p4=0, p5=137, sr=86, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--84491531-Z--
--fb9e1564-A--
[01/Jul/2026:08:33:09.789792 +0000] akTQxdXDG6AyyG2HW2QDRgAAANA 172.71.98.36 34336 172.26.37.160 7081
--fb9e1564-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a144107379d30b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--fb9e1564-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fb9e1564-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTQxdXDG6AyyG2HW2QDRgAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782894789787121 2754 (- - -)
Stopwatch2: 1782894789787121 2754; combined=1574, p1=340, p2=1072, p3=0, p4=0, p5=105, sr=85, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fb9e1564-Z--
--20127b11-A--
[01/Jul/2026:08:33:33.577529 +0000] akTQ3bAM1NZ4Hek69xzJNgAAABE 122.178.167.152 35692 172.26.37.160 7081
--20127b11-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--20127b11-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--20127b11-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTQ3bAM1NZ4Hek69xzJNgAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782894813573988 3606 (- - -)
Stopwatch2: 1782894813573988 3606; combined=1939, p1=321, p2=1421, p3=0, p4=0, p5=129, sr=83, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--20127b11-Z--
--ca434845-A--
[01/Jul/2026:08:33:49.930776 +0000] akTQ7bAM1NZ4Hek69xzJRwAAABA 172.71.98.36 40080 172.26.37.160 7081
--ca434845-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a144116e5b590b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ca434845-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ca434845-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTQ7bAM1NZ4Hek69xzJRwAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782894829927310 5904 (- - -)
Stopwatch2: 1782894829927310 5904; combined=2255, p1=306, p2=1776, p3=0, p4=0, p5=112, sr=68, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ca434845-Z--
--1b690301-A--
[01/Jul/2026:08:34:05.246114 +0000] akTQ-bAM1NZ4Hek69xzJTgAAABY 122.178.167.152 33720 172.26.37.160 7081
--1b690301-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1b690301-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1b690301-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTQ-bAM1NZ4Hek69xzJTgAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782894845243352 2847 (- - -)
Stopwatch2: 1782894845243352 2847; combined=1702, p1=322, p2=1199, p3=0, p4=0, p5=119, sr=71, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1b690301-Z--
--39442f5f-A--
[01/Jul/2026:08:34:21.402305 +0000] akTRDbAM1NZ4Hek69xzJVQAAAAM 172.71.98.36 50064 172.26.37.160 7081
--39442f5f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.98.36
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 730
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a14412330fae0b66-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--39442f5f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--39442f5f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 172.71.98.36 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTRDbAM1NZ4Hek69xzJVQAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894861398979 4829 (- - -)
Stopwatch2: 1782894861398979 4829; combined=2641, p1=359, p2=1171, p3=0, p4=0, p5=583, sr=87, sw=528, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--39442f5f-Z--
--0c394b09-A--
[01/Jul/2026:08:34:40.342742 +0000] akTRINXDG6AyyG2HW2QDaAAAAMc 39.63.43.161 52312 172.26.37.160 7081
--0c394b09-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0c394b09-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0c394b09-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTRINXDG6AyyG2HW2QDaAAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782894880339603 3233 (- - -)
Stopwatch2: 1782894880339603 3233; combined=1955, p1=305, p2=1414, p3=0, p4=0, p5=158, sr=69, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0c394b09-Z--
--fc146628-A--
[01/Jul/2026:08:34:57.763723 +0000] akTRMdXDG6AyyG2HW2QDbgAAAMY 122.178.167.152 35806 172.26.37.160 7081
--fc146628-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--fc146628-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fc146628-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTRMdXDG6AyyG2HW2QDbgAAAMY"]
Action: Intercepted (phase 2)
Stopwatch: 1782894897760261 3858 (- - -)
Stopwatch2: 1782894897760261 3858; combined=1518, p1=336, p2=1018, p3=0, p4=0, p5=107, sr=73, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fc146628-Z--
--3c94a34c-A--
[01/Jul/2026:08:35:44.054928 +0000] akTRYNXDG6AyyG2HW2QDigAAANM 39.63.43.161 33422 172.26.37.160 7081
--3c94a34c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--3c94a34c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3c94a34c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTRYNXDG6AyyG2HW2QDigAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894944051520 3465 (- - -)
Stopwatch2: 1782894944051520 3465; combined=2452, p1=360, p2=1915, p3=0, p4=0, p5=116, sr=81, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3c94a34c-Z--
--cb6d8553-A--
[01/Jul/2026:08:35:50.143971 +0000] akTRZrAM1NZ4Hek69xzJlgAAAAM 122.178.167.152 48908 172.26.37.160 7081
--cb6d8553-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--cb6d8553-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cb6d8553-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTRZrAM1NZ4Hek69xzJlgAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782894950140382 3648 (- - -)
Stopwatch2: 1782894950140382 3648; combined=1573, p1=334, p2=1064, p3=0, p4=0, p5=116, sr=86, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cb6d8553-Z--
--313f8038-A--
[01/Jul/2026:08:36:00.628999 +0000] akTRcLAM1NZ4Hek69xzJmAAAAAU 122.178.167.152 38874 172.26.37.160 7081
--313f8038-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--313f8038-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--313f8038-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTRcLAM1NZ4Hek69xzJmAAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782894960625675 3380 (- - -)
Stopwatch2: 1782894960625675 3380; combined=1772, p1=321, p2=1229, p3=0, p4=0, p5=137, sr=86, sw=85, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--313f8038-Z--
--ec86d90f-A--
[01/Jul/2026:08:36:58.535240 +0000] akTRqtXDG6AyyG2HW2QDkwAAAMQ 39.63.43.161 34048 172.26.37.160 7081
--ec86d90f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ec86d90f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ec86d90f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTRqtXDG6AyyG2HW2QDkwAAAMQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782895018531783 3515 (- - -)
Stopwatch2: 1782895018531783 3515; combined=2257, p1=336, p2=1358, p3=0, p4=0, p5=488, sr=75, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ec86d90f-Z--
--33743651-A--
[01/Jul/2026:08:37:09.128636 +0000] akTRtbAM1NZ4Hek69xzJqQAAABY 39.63.43.161 54242 172.26.37.160 7081
--33743651-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--33743651-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--33743651-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTRtbAM1NZ4Hek69xzJqQAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782895029125831 2866 (- - -)
Stopwatch2: 1782895029125831 2866; combined=1612, p1=362, p2=1063, p3=0, p4=0, p5=126, sr=87, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--33743651-Z--
--57cc9651-A--
[01/Jul/2026:08:37:09.228623 +0000] akTRtbAM1NZ4Hek69xzJqgAAAAk 104.22.14.164 54254 172.26.37.160 7081
--57cc9651-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.164
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a144164bd9f1ae27-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--57cc9651-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--57cc9651-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTRtbAM1NZ4Hek69xzJqgAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782895029225923 2785 (- - -)
Stopwatch2: 1782895029225923 2785; combined=1557, p1=324, p2=1073, p3=0, p4=0, p5=106, sr=81, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--57cc9651-Z--
--2b95903c-A--
[01/Jul/2026:08:37:14.339931 +0000] akTRurAM1NZ4Hek69xzJrwAAAAA 180.211.113.210 46678 172.26.37.160 7081
--2b95903c-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: eonhk.com
X-Real-IP: 180.211.113.210
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US,en-IN;q=0.8,en;q=0.5,gu;q=0.2
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
--2b95903c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2b95903c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eonhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTRurAM1NZ4Hek69xzJrwAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782895034337593 2391 (- - -)
Stopwatch2: 1782895034337593 2391; combined=1285, p1=798, p2=440, p3=0, p4=0, p5=46, sr=587, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2b95903c-Z--
--7c031a7f-A--
[01/Jul/2026:08:37:35.230877 +0000] akTRz7AM1NZ4Hek69xzJtgAAABY 122.178.167.152 52290 172.26.37.160 7081
--7c031a7f-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--7c031a7f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7c031a7f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTRz7AM1NZ4Hek69xzJtgAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782895055226957 3985 (- - -)
Stopwatch2: 1782895055226957 3985; combined=1493, p1=351, p2=956, p3=0, p4=0, p5=128, sr=85, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7c031a7f-Z--
--ba129420-A--
[01/Jul/2026:08:37:45.698976 +0000] akTR2bAM1NZ4Hek69xzJuAAAAA8 122.178.167.152 37370 172.26.37.160 7081
--ba129420-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ba129420-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ba129420-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTR2bAM1NZ4Hek69xzJuAAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782895065694986 4048 (- - -)
Stopwatch2: 1782895065694986 4048; combined=2935, p1=321, p2=2020, p3=0, p4=0, p5=332, sr=82, sw=262, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ba129420-Z--
--1a8df213-A--
[01/Jul/2026:08:38:12.392612 +0000] akTR9LAM1NZ4Hek69xzJvgAAAAU 39.63.43.161 36780 172.26.37.160 7081
--1a8df213-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1a8df213-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1a8df213-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTR9LAM1NZ4Hek69xzJvgAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782895092389094 3576 (- - -)
Stopwatch2: 1782895092389094 3576; combined=2013, p1=345, p2=1422, p3=0, p4=0, p5=162, sr=83, sw=84, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a8df213-Z--
--1554e930-A--
[01/Jul/2026:08:38:22.562489 +0000] akTR-rAM1NZ4Hek69xzJvwAAAA4 104.22.14.164 46438 172.26.37.160 7081
--1554e930-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.164
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a14418163bbaae27-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1554e930-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1554e930-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTR-rAM1NZ4Hek69xzJvwAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782895102559536 3039 (- - -)
Stopwatch2: 1782895102559536 3039; combined=1818, p1=332, p2=1324, p3=0, p4=0, p5=107, sr=68, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1554e930-Z--
--3aac767e-A--
[01/Jul/2026:08:38:48.910210 +0000] akTSGNXDG6AyyG2HW2QDqAAAAMI 122.178.167.152 44660 172.26.37.160 7081
--3aac767e-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--3aac767e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3aac767e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTSGNXDG6AyyG2HW2QDqAAAAMI"]
Action: Intercepted (phase 2)
Stopwatch: 1782895128907152 3113 (- - -)
Stopwatch2: 1782895128907152 3113; combined=1928, p1=755, p2=1001, p3=0, p4=0, p5=111, sr=83, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3aac767e-Z--
--cd4f9836-A--
[01/Jul/2026:08:38:54.084624 +0000] akTSHrAM1NZ4Hek69xzJyQAAAAM 104.22.14.164 44672 172.26.37.160 7081
--cd4f9836-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.164
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a14418db3c84ae27-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--cd4f9836-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cd4f9836-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTSHrAM1NZ4Hek69xzJyQAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782895134080958 3746 (- - -)
Stopwatch2: 1782895134080958 3746; combined=2438, p1=334, p2=1931, p3=0, p4=0, p5=114, sr=83, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cd4f9836-Z--
--8c094152-A--
[01/Jul/2026:08:38:59.500835 +0000] akTSI9XDG6AyyG2HW2QDqQAAAMU 122.178.167.152 38444 172.26.37.160 7081
--8c094152-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--8c094152-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8c094152-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTSI9XDG6AyyG2HW2QDqQAAAMU"]
Action: Intercepted (phase 2)
Stopwatch: 1782895139497464 3448 (- - -)
Stopwatch2: 1782895139497464 3448; combined=1817, p1=707, p2=931, p3=0, p4=0, p5=117, sr=67, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8c094152-Z--
--dc0ceb2e-A--
[01/Jul/2026:08:39:15.468335 +0000] akTSM05ZukFkf9XpqInekwAAAJA 39.63.43.161 40162 172.26.37.160 7081
--dc0ceb2e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--dc0ceb2e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dc0ceb2e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTSM05ZukFkf9XpqInekwAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782895155464964 3446 (- - -)
Stopwatch2: 1782895155464964 3446; combined=2390, p1=351, p2=1812, p3=0, p4=0, p5=151, sr=91, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dc0ceb2e-Z--
--4cd08e10-A--
[01/Jul/2026:08:39:25.662188 +0000] akTSPdXDG6AyyG2HW2QDvwAAANc 104.22.14.164 54778 172.26.37.160 7081
--4cd08e10-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.164
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a14419a08af2ae27-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4cd08e10-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4cd08e10-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTSPdXDG6AyyG2HW2QDvwAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782895165658518 3777 (- - -)
Stopwatch2: 1782895165658518 3777; combined=2525, p1=349, p2=2011, p3=0, p4=0, p5=108, sr=82, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4cd08e10-Z--
--655bc307-A--
[01/Jul/2026:08:39:57.446446 +0000] akTSXdXDG6AyyG2HW2QDxgAAANA 39.63.43.161 39460 172.26.37.160 7081
--655bc307-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--655bc307-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--655bc307-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTSXdXDG6AyyG2HW2QDxgAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782895197443219 3299 (- - -)
Stopwatch2: 1782895197443219 3299; combined=2215, p1=341, p2=1713, p3=0, p4=0, p5=105, sr=84, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--655bc307-Z--
--9034b235-A--
[01/Jul/2026:08:40:13.631281 +0000] akTSbU5ZukFkf9XpqIneogAAAJQ 122.178.167.152 51676 172.26.37.160 7081
--9034b235-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9034b235-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9034b235-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTSbU5ZukFkf9XpqIneogAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782895213628399 2942 (- - -)
Stopwatch2: 1782895213628399 2942; combined=1478, p1=350, p2=941, p3=0, p4=0, p5=127, sr=83, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9034b235-Z--
--102dcb11-A--
[01/Jul/2026:08:40:18.442815 +0000] akTSctXDG6AyyG2HW2QDywAAANU 39.63.43.161 58710 172.26.37.160 7081
--102dcb11-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--102dcb11-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--102dcb11-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTSctXDG6AyyG2HW2QDywAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782895218439277 3606 (- - -)
Stopwatch2: 1782895218439277 3606; combined=2371, p1=387, p2=1797, p3=0, p4=0, p5=122, sr=102, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--102dcb11-Z--
--c0a01744-A--
[01/Jul/2026:08:40:39.013749 +0000] akTSh05ZukFkf9XpqInepAAAAI8 104.22.14.164 45568 172.26.37.160 7081
--c0a01744-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.164
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a1441b6b0b07ae27-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c0a01744-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c0a01744-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTSh05ZukFkf9XpqInepAAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782895239011037 2820 (- - -)
Stopwatch2: 1782895239011037 2820; combined=1560, p1=330, p2=1063, p3=0, p4=0, p5=110, sr=86, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c0a01744-Z--
--a7e26b13-A--
[01/Jul/2026:08:40:45.100850 +0000] akTSjbAM1NZ4Hek69xzJ@AAAABE 122.178.167.152 46250 172.26.37.160 7081
--a7e26b13-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a7e26b13-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a7e26b13-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTSjbAM1NZ4Hek69xzJ@AAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782895245097703 3214 (- - -)
Stopwatch2: 1782895245097703 3214; combined=1986, p1=350, p2=1467, p3=0, p4=0, p5=111, sr=86, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a7e26b13-Z--
--d0dc7439-A--
[01/Jul/2026:08:41:32.023387 +0000] akTSvLAM1NZ4Hek69xzKFQAAAA0 39.63.43.161 38562 172.26.37.160 7081
--d0dc7439-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d0dc7439-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d0dc7439-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTSvLAM1NZ4Hek69xzKFQAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782895292020553 2892 (- - -)
Stopwatch2: 1782895292020553 2892; combined=1830, p1=358, p2=1312, p3=0, p4=0, p5=105, sr=77, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d0dc7439-Z--
--56b2c96d-A--
[01/Jul/2026:08:41:37.644680 +0000] akTSwdXDG6AyyG2HW2QD4gAAAMY 122.178.167.152 44014 172.26.37.160 7081
--56b2c96d-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 729
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--56b2c96d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--56b2c96d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTSwdXDG6AyyG2HW2QD4gAAAMY"]
Action: Intercepted (phase 2)
Stopwatch: 1782895297640880 3883 (- - -)
Stopwatch2: 1782895297640880 3883; combined=1968, p1=325, p2=1476, p3=0, p4=0, p5=109, sr=79, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--56b2c96d-Z--
--cd4e642f-A--
[01/Jul/2026:08:41:42.616180 +0000] akTSxtXDG6AyyG2HW2QD5QAAANU 39.63.43.161 44066 172.26.37.160 7081
--cd4e642f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--cd4e642f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cd4e642f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTSxtXDG6AyyG2HW2QD5QAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782895302613699 2572 (- - -)
Stopwatch2: 1782895302613699 2572; combined=1508, p1=339, p2=1007, p3=0, p4=0, p5=108, sr=85, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cd4e642f-Z--
--e7446c38-A--
[01/Jul/2026:08:42:19.768437 +0000] akTS605ZukFkf9XpqIneyQAAAIM 122.178.167.152 55466 172.26.37.160 7081
--e7446c38-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 122.178.167.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)
--e7446c38-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e7446c38-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.178.167.152 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTS605ZukFkf9XpqIneyQAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782895339764396 4099 (- - -)
Stopwatch2: 1782895339764396 4099; combined=1776, p1=312, p2=1271, p3=0, p4=0, p5=132, sr=70, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e7446c38-Z--
--9fbe8454-A--
[01/Jul/2026:08:42:34.428826 +0000] akTS@rAM1NZ4Hek69xzKJQAAABI 104.22.14.164 45198 172.26.37.160 7081
--9fbe8454-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.164
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 729
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a1441e3c5da9ae27-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9fbe8454-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9fbe8454-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (4+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (4+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTS@rAM1NZ4Hek69xzKJQAAABI"]
Action: Intercepted (phase 2)
Stopwatch: 1782895354425292 3934 (- - -)
Stopwatch2: 1782895354425292 3934; combined=2296, p1=350, p2=1762, p3=0, p4=0, p5=125, sr=81, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9fbe8454-Z--
--72ec523c-A--
[01/Jul/2026:08:42:45.684184 +0000] akTTBdXDG6AyyG2HW2QD@wAAAM8 39.63.43.161 39808 172.26.37.160 7081
--72ec523c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--72ec523c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--72ec523c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTBdXDG6AyyG2HW2QD@wAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782895365680627 3618 (- - -)
Stopwatch2: 1782895365680627 3618; combined=1987, p1=392, p2=1432, p3=0, p4=0, p5=107, sr=119, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--72ec523c-Z--
--1caaae6b-A--
[01/Jul/2026:08:42:55.272848 +0000] akTTD7AM1NZ4Hek69xzKKQAAAAE 104.22.14.164 55872 172.26.37.160 7081
--1caaae6b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.164
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a1441ebe8f76ae27-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1caaae6b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1caaae6b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.164 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTTD7AM1NZ4Hek69xzKKQAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782895375269597 3380 (- - -)
Stopwatch2: 1782895375269597 3380; combined=2167, p1=333, p2=1671, p3=0, p4=0, p5=107, sr=73, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1caaae6b-Z--
--c9e4af74-A--
[01/Jul/2026:08:42:56.215627 +0000] akTTEE5ZukFkf9XpqIne0QAAAIs 39.63.43.161 55894 172.26.37.160 7081
--c9e4af74-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c9e4af74-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c9e4af74-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTEE5ZukFkf9XpqIne0QAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782895376212023 3667 (- - -)
Stopwatch2: 1782895376212023 3667; combined=1496, p1=345, p2=946, p3=0, p4=0, p5=133, sr=82, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c9e4af74-Z--
--74aa5942-A--
[01/Jul/2026:08:43:06.697908 +0000] akTTGk5ZukFkf9XpqIne1QAAAI4 172.69.150.77 51170 172.26.37.160 7081
--74aa5942-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.150.77
X-Forwarded-For: 46.58.138.167
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: ar-SY,ar;q=0.8,en-US;q=0.5,en;q=0.2
cf-ray: a1441f064f3e4dba-FRA
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 46.58.138.167
cf-ipcountry: SY
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--74aa5942-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--74aa5942-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 46.58.138.167 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 46.58.138.167 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTTGk5ZukFkf9XpqIne1QAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782895386694431 3562 (- - -)
Stopwatch2: 1782895386694431 3562; combined=1564, p1=320, p2=1081, p3=0, p4=0, p5=106, sr=82, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--74aa5942-Z--
--ed7e842f-A--
[01/Jul/2026:08:43:13.838395 +0000] akTTIbAM1NZ4Hek69xzKMQAAAAs 110.226.239.222 51282 172.26.37.160 7081
--ed7e842f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--ed7e842f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ed7e842f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTIbAM1NZ4Hek69xzKMQAAAAs"]
Action: Intercepted (phase 2)
Stopwatch: 1782895393835434 3021 (- - -)
Stopwatch2: 1782895393835434 3021; combined=1494, p1=350, p2=979, p3=0, p4=0, p5=108, sr=73, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ed7e842f-Z--
--74736d18-A--
[01/Jul/2026:08:43:49.533229 +0000] akTTRLAM1NZ4Hek69xzKRgAAAAQ 39.63.43.161 37652 172.26.37.160 7081
--74736d18-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--74736d18-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--74736d18-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTRLAM1NZ4Hek69xzKRgAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782895428815116 718187 (- - -)
Stopwatch2: 1782895428815116 718187; combined=1432512, p1=321, p2=992, p3=0, p4=0, p5=715628, sr=82, sw=57, l=0, gc=715514
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--74736d18-Z--
--73d41837-A--
[01/Jul/2026:08:44:21.072080 +0000] akTTZbAM1NZ4Hek69xzKTgAAABU 110.226.239.222 37628 172.26.37.160 7081
--73d41837-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--73d41837-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--73d41837-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTZbAM1NZ4Hek69xzKTgAAABU"]
Action: Intercepted (phase 2)
Stopwatch: 1782895461068741 3404 (- - -)
Stopwatch2: 1782895461068741 3404; combined=1480, p1=351, p2=955, p3=0, p4=0, p5=116, sr=85, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--73d41837-Z--
--9ba16149-A--
[01/Jul/2026:08:44:30.996045 +0000] akTTbrAM1NZ4Hek69xzKTwAAAAY 39.63.43.161 33328 172.26.37.160 7081
--9ba16149-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9ba16149-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9ba16149-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTbrAM1NZ4Hek69xzKTwAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782895470993058 3048 (- - -)
Stopwatch2: 1782895470993058 3048; combined=1522, p1=333, p2=1007, p3=0, p4=0, p5=121, sr=86, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9ba16149-Z--
--a4a7377f-A--
[01/Jul/2026:08:44:42.380124 +0000] akTTerAM1NZ4Hek69xzKUwAAAAQ 172.69.150.77 55784 172.26.37.160 7081
--a4a7377f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.69.150.77
X-Forwarded-For: 46.58.138.167
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 701
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: ar-SY,ar;q=0.8,en-US;q=0.5,en;q=0.2
cf-ray: a144215c4d5a4dba-FRA
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 46.58.138.167
cf-ipcountry: SY
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a4a7377f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a4a7377f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 46.58.138.167 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 46.58.138.167 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTTerAM1NZ4Hek69xzKUwAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782895482376643 3837 (- - -)
Stopwatch2: 1782895482376643 3837; combined=1670, p1=371, p2=1136, p3=0, p4=0, p5=107, sr=104, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a4a7377f-Z--
--8fde202f-A--
[01/Jul/2026:08:45:34.087668 +0000] akTTrk5ZukFkf9XpqIne9wAAAJA 39.63.43.161 47646 172.26.37.160 7081
--8fde202f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--8fde202f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8fde202f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTrk5ZukFkf9XpqIne9wAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782895534083700 4043 (- - -)
Stopwatch2: 1782895534083700 4043; combined=2406, p1=333, p2=988, p3=0, p4=0, p5=1019, sr=92, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8fde202f-Z--
--ed346d71-A--
[01/Jul/2026:08:45:55.140152 +0000] akTTw9XDG6AyyG2HW2QEOgAAAM0 39.63.43.161 54206 172.26.37.160 7081
--ed346d71-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ed346d71-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ed346d71-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTw9XDG6AyyG2HW2QEOgAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782895555136352 3862 (- - -)
Stopwatch2: 1782895555136352 3862; combined=1499, p1=340, p2=968, p3=0, p4=0, p5=130, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ed346d71-Z--
--96b2a45d-A--
[01/Jul/2026:08:46:06.501013 +0000] akTTztXDG6AyyG2HW2QEPQAAAMY 110.226.239.222 60832 172.26.37.160 7081
--96b2a45d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--96b2a45d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--96b2a45d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTTztXDG6AyyG2HW2QEPQAAAMY"]
Action: Intercepted (phase 2)
Stopwatch: 1782895566497909 3168 (- - -)
Stopwatch2: 1782895566497909 3168; combined=1451, p1=335, p2=951, p3=0, p4=0, p5=109, sr=80, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--96b2a45d-Z--
--1aa0e04e-A--
[01/Jul/2026:08:46:47.599670 +0000] akTT97AM1NZ4Hek69xzKdgAAAA4 39.63.43.161 48354 172.26.37.160 7081
--1aa0e04e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1aa0e04e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1aa0e04e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTT97AM1NZ4Hek69xzKdgAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782895607596790 2943 (- - -)
Stopwatch2: 1782895607596790 2943; combined=1487, p1=386, p2=933, p3=0, p4=0, p5=113, sr=95, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1aa0e04e-Z--
--36860437-A--
[01/Jul/2026:08:46:52.067577 +0000] akTT-NXDG6AyyG2HW2QESAAAAM8 110.226.239.222 48380 172.26.37.160 7081
--36860437-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--36860437-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--36860437-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTT-NXDG6AyyG2HW2QESAAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782895612063916 3726 (- - -)
Stopwatch2: 1782895612063916 3726; combined=1568, p1=348, p2=1004, p3=0, p4=0, p5=134, sr=75, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--36860437-Z--
--7e12e135-A--
[01/Jul/2026:08:47:08.657126 +0000] akTUDLAM1NZ4Hek69xzKdwAAABM 39.63.43.161 34984 172.26.37.160 7081
--7e12e135-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7e12e135-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7e12e135-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUDLAM1NZ4Hek69xzKdwAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782895628654421 2774 (- - -)
Stopwatch2: 1782895628654421 2774; combined=1485, p1=320, p2=965, p3=0, p4=0, p5=139, sr=79, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7e12e135-Z--
--50e8610f-A--
[01/Jul/2026:08:47:17.548065 +0000] akTUFbAM1NZ4Hek69xzKhQAAAAk 104.22.14.159 39028 172.26.37.160 7081
--50e8610f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.159
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a1442525ed572520-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--50e8610f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--50e8610f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.159 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.159 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTUFbAM1NZ4Hek69xzKhQAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782895637544992 3159 (- - -)
Stopwatch2: 1782895637544992 3159; combined=1989, p1=706, p2=1121, p3=0, p4=0, p5=106, sr=71, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--50e8610f-Z--
--53f29611-A--
[01/Jul/2026:08:47:38.542809 +0000] akTUKrAM1NZ4Hek69xzKiQAAAAA 104.22.14.159 56552 172.26.37.160 7081
--53f29611-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.159
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US,en;q=0.5
cf-ray: a14425a91faf2520-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--53f29611-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--53f29611-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.159 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.159 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTUKrAM1NZ4Hek69xzKiQAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782895658539891 3025 (- - -)
Stopwatch2: 1782895658539891 3025; combined=1586, p1=340, p2=1083, p3=0, p4=0, p5=107, sr=75, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--53f29611-Z--
--5fdccb79-A--
[01/Jul/2026:08:48:21.614700 +0000] akTUVdXDG6AyyG2HW2QEZQAAAME 110.226.239.222 35882 172.26.37.160 7081
--5fdccb79-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5fdccb79-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5fdccb79-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUVdXDG6AyyG2HW2QEZQAAAME"]
Action: Intercepted (phase 2)
Stopwatch: 1782895701611321 3453 (- - -)
Stopwatch2: 1782895701611321 3453; combined=1837, p1=359, p2=1297, p3=0, p4=0, p5=121, sr=83, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5fdccb79-Z--
--0dc81b6a-A--
[01/Jul/2026:08:48:22.053972 +0000] akTUVrAM1NZ4Hek69xzKmwAAAAE 39.63.43.161 35890 172.26.37.160 7081
--0dc81b6a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0dc81b6a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0dc81b6a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUVrAM1NZ4Hek69xzKmwAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782895702050615 3421 (- - -)
Stopwatch2: 1782895702050615 3421; combined=1594, p1=363, p2=1028, p3=0, p4=0, p5=136, sr=90, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0dc81b6a-Z--
--95eb985a-A--
[01/Jul/2026:08:48:26.743143 +0000] akTUWtXDG6AyyG2HW2QEZgAAAMM 110.226.239.222 53640 172.26.37.160 7081
--95eb985a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--95eb985a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--95eb985a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUWtXDG6AyyG2HW2QEZgAAAMM"]
Action: Intercepted (phase 2)
Stopwatch: 1782895706740261 2947 (- - -)
Stopwatch2: 1782895706740261 2947; combined=1479, p1=339, p2=974, p3=0, p4=0, p5=108, sr=93, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--95eb985a-Z--
--3a555c7a-A--
[01/Jul/2026:08:48:31.287866 +0000] akTUX05ZukFkf9XpqInfFgAAAIA 104.22.14.159 53652 172.26.37.160 7081
--3a555c7a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.14.159
X-Forwarded-For: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US,en;q=0.5
cf-ray: a14426f2bced2520-BOS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2409:40e4:4:e5cf:1be:6b02:23d8:f5c6
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3a555c7a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3a555c7a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.159 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.22.14.159 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTUX05ZukFkf9XpqInfFgAAAIA"]
Action: Intercepted (phase 2)
Stopwatch: 1782895711284847 3113 (- - -)
Stopwatch2: 1782895711284847 3113; combined=1934, p1=644, p2=1117, p3=0, p4=0, p5=118, sr=86, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3a555c7a-Z--
--e5b8a42b-A--
[01/Jul/2026:08:48:32.537804 +0000] akTUYLAM1NZ4Hek69xzKnAAAAA4 39.63.43.161 53656 172.26.37.160 7081
--e5b8a42b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e5b8a42b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e5b8a42b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUYLAM1NZ4Hek69xzKnAAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782895712534818 3043 (- - -)
Stopwatch2: 1782895712534818 3043; combined=1574, p1=387, p2=999, p3=0, p4=0, p5=125, sr=115, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e5b8a42b-Z--
--7e5e8b16-A--
[01/Jul/2026:08:49:25.018761 +0000] akTUlU5ZukFkf9XpqInfGgAAAJY 39.63.43.161 38980 172.26.37.160 7081
--7e5e8b16-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7e5e8b16-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7e5e8b16-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUlU5ZukFkf9XpqInfGgAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782895765015713 3155 (- - -)
Stopwatch2: 1782895765015713 3155; combined=2059, p1=359, p2=1460, p3=0, p4=0, p5=156, sr=100, sw=84, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7e5e8b16-Z--
--87d45315-A--
[01/Jul/2026:08:49:40.863504 +0000] akTUpLAM1NZ4Hek69xzKqwAAABc 110.226.239.222 36114 172.26.37.160 7081
--87d45315-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--87d45315-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--87d45315-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUpLAM1NZ4Hek69xzKqwAAABc"]
Action: Intercepted (phase 2)
Stopwatch: 1782895780860468 3091 (- - -)
Stopwatch2: 1782895780860468 3091; combined=1602, p1=379, p2=1049, p3=0, p4=0, p5=113, sr=88, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--87d45315-Z--
--489fe620-A--
[01/Jul/2026:08:49:46.054970 +0000] akTUqtXDG6AyyG2HW2QEcgAAAMk 39.63.43.161 43024 172.26.37.160 7081
--489fe620-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--489fe620-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--489fe620-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTUqtXDG6AyyG2HW2QEcgAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782895786051962 3064 (- - -)
Stopwatch2: 1782895786051962 3064; combined=1461, p1=340, p2=944, p3=0, p4=0, p5=116, sr=77, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--489fe620-Z--
--10813321-A--
[01/Jul/2026:08:50:38.540686 +0000] akTU3rAM1NZ4Hek69xzKuwAAAAc 39.63.43.161 35500 172.26.37.160 7081
--10813321-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--10813321-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--10813321-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTU3rAM1NZ4Hek69xzKuwAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782895838537386 3362 (- - -)
Stopwatch2: 1782895838537386 3362; combined=1558, p1=338, p2=1038, p3=0, p4=0, p5=117, sr=78, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--10813321-Z--
--e0b1e634-A--
[01/Jul/2026:08:50:49.066574 +0000] akTU6U5ZukFkf9XpqInfLAAAAJc 39.63.43.161 51656 172.26.37.160 7081
--e0b1e634-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e0b1e634-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e0b1e634-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTU6U5ZukFkf9XpqInfLAAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782895849064143 2486 (- - -)
Stopwatch2: 1782895849064143 2486; combined=1460, p1=327, p2=969, p3=0, p4=0, p5=107, sr=77, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e0b1e634-Z--
--af9aea3b-A--
[01/Jul/2026:08:51:41.614482 +0000] akTVHdXDG6AyyG2HW2QElwAAAMY 39.63.43.161 48482 172.26.37.160 7081
--af9aea3b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--af9aea3b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--af9aea3b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTVHdXDG6AyyG2HW2QElwAAAMY"]
Action: Intercepted (phase 2)
Stopwatch: 1782895901610513 4181 (- - -)
Stopwatch2: 1782895901610513 4181; combined=2397, p1=326, p2=941, p3=0, p4=0, p5=1046, sr=89, sw=84, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--af9aea3b-Z--
--e2c06534-A--
[01/Jul/2026:08:51:52.114083 +0000] akTVKLAM1NZ4Hek69xzK2AAAAAw 39.63.43.161 53492 172.26.37.160 7081
--e2c06534-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e2c06534-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e2c06534-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTVKLAM1NZ4Hek69xzK2AAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782895912110292 4390 (- - -)
Stopwatch2: 1782895912110292 4390; combined=2371, p1=327, p2=1828, p3=0, p4=0, p5=148, sr=87, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e2c06534-Z--
--0b68fc1b-A--
[01/Jul/2026:08:52:55.432058 +0000] akTVZ7AM1NZ4Hek69xzK4wAAAAc 39.63.43.161 49422 172.26.37.160 7081
--0b68fc1b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0b68fc1b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0b68fc1b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTVZ7AM1NZ4Hek69xzK4wAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782895975429538 2579 (- - -)
Stopwatch2: 1782895975429538 2579; combined=1478, p1=324, p2=990, p3=0, p4=0, p5=108, sr=78, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0b68fc1b-Z--
--d1fc7451-A--
[01/Jul/2026:08:53:26.984054 +0000] akTVhrAM1NZ4Hek69xzK7gAAAAk 39.63.43.161 56298 172.26.37.160 7081
--d1fc7451-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d1fc7451-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d1fc7451-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTVhrAM1NZ4Hek69xzK7gAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782896006980601 3508 (- - -)
Stopwatch2: 1782896006980601 3508; combined=2483, p1=381, p2=1919, p3=0, p4=0, p5=118, sr=84, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d1fc7451-Z--
--6cb67e09-A--
[01/Jul/2026:08:53:58.481225 +0000] akTVptXDG6AyyG2HW2QEpwAAAMs 39.63.43.161 33630 172.26.37.160 7081
--6cb67e09-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--6cb67e09-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6cb67e09-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTVptXDG6AyyG2HW2QEpwAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782896038478783 2516 (- - -)
Stopwatch2: 1782896038478783 2516; combined=1491, p1=370, p2=961, p3=0, p4=0, p5=105, sr=83, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6cb67e09-Z--
--ef14802b-A--
[01/Jul/2026:08:54:51.089575 +0000] akTV29XDG6AyyG2HW2QErQAAANM 39.63.43.161 53332 172.26.37.160 7081
--ef14802b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 699
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ef14802b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ef14802b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTV29XDG6AyyG2HW2QErQAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782896091085083 4556 (- - -)
Stopwatch2: 1782896091085083 4556; combined=3326, p1=320, p2=2801, p3=0, p4=0, p5=138, sr=72, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ef14802b-Z--
--8974100d-A--
[01/Jul/2026:08:55:01.618044 +0000] akTV5bAM1NZ4Hek69xzLBAAAAA4 39.63.43.161 34824 172.26.37.160 7081
--8974100d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--8974100d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8974100d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTV5bAM1NZ4Hek69xzLBAAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782896101613317 4916 (- - -)
Stopwatch2: 1782896101613317 4916; combined=1974, p1=318, p2=1457, p3=0, p4=0, p5=132, sr=69, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8974100d-Z--
--afdfac67-A--
[01/Jul/2026:08:56:04.881114 +0000] akTWJNXDG6AyyG2HW2QEugAAANI 39.63.43.161 44572 172.26.37.160 7081
--afdfac67-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--afdfac67-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--afdfac67-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTWJNXDG6AyyG2HW2QEugAAANI"]
Action: Intercepted (phase 2)
Stopwatch: 1782896164877534 3655 (- - -)
Stopwatch2: 1782896164877534 3655; combined=2466, p1=352, p2=1881, p3=0, p4=0, p5=163, sr=81, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--afdfac67-Z--
--d3726427-A--
[01/Jul/2026:08:56:53.659134 +0000] akTWVU5ZukFkf9XpqInfqgAAAIg 110.226.239.222 36152 172.26.37.160 7081
--d3726427-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d3726427-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d3726427-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTWVU5ZukFkf9XpqInfqgAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782896213655077 4144 (- - -)
Stopwatch2: 1782896213655077 4144; combined=1548, p1=351, p2=969, p3=0, p4=0, p5=149, sr=88, sw=79, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d3726427-Z--
--12f50b61-A--
[01/Jul/2026:08:57:02.531714 +0000] akTWXk5ZukFkf9XpqInfrQAAAII 110.226.239.222 34464 172.26.37.160 7081
--12f50b61-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--12f50b61-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--12f50b61-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTWXk5ZukFkf9XpqInfrQAAAII"]
Action: Intercepted (phase 2)
Stopwatch: 1782896222528156 3649 (- - -)
Stopwatch2: 1782896222528156 3649; combined=2256, p1=335, p2=1741, p3=0, p4=0, p5=116, sr=85, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--12f50b61-Z--
--195fae12-A--
[01/Jul/2026:08:57:08.084285 +0000] akTWZE5ZukFkf9XpqInfsAAAAIc 39.63.43.161 58356 172.26.37.160 7081
--195fae12-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--195fae12-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--195fae12-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTWZE5ZukFkf9XpqInfsAAAAIc"]
Action: Intercepted (phase 2)
Stopwatch: 1782896228080900 4117 (- - -)
Stopwatch2: 1782896228080900 4117; combined=1520, p1=339, p2=1011, p3=0, p4=0, p5=111, sr=81, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--195fae12-Z--
--f6e8c925-A--
[01/Jul/2026:08:57:50.144417 +0000] akTWjk5ZukFkf9XpqInfvAAAAIE 39.63.43.161 41556 172.26.37.160 7081
--f6e8c925-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--f6e8c925-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f6e8c925-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTWjk5ZukFkf9XpqInfvAAAAIE"]
Action: Intercepted (phase 2)
Stopwatch: 1782896270140368 4118 (- - -)
Stopwatch2: 1782896270140368 4118; combined=1893, p1=347, p2=1007, p3=0, p4=0, p5=471, sr=86, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f6e8c925-Z--
--98a5d91b-A--
[01/Jul/2026:08:58:11.200022 +0000] akTWo9XDG6AyyG2HW2QFJQAAANE 39.63.43.161 44408 172.26.37.160 7081
--98a5d91b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 39.63.43.161
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--98a5d91b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--98a5d91b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.63.43.161 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akTWo9XDG6AyyG2HW2QFJQAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782896291196540 3571 (- - -)
Stopwatch2: 1782896291196540 3571; combined=1423, p1=315, p2=924, p3=0, p4=0, p5=122, sr=74, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--98a5d91b-Z--
--7407ca45-A--
[01/Jul/2026:09:02:47.780011 +0000] akTXt05ZukFkf9XpqIngaAAAAJM 110.226.239.222 37368 172.26.37.160 7081
--7407ca45-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7407ca45-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7407ca45-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTXt05ZukFkf9XpqIngaAAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782896567776042 4027 (- - -)
Stopwatch2: 1782896567776042 4027; combined=2601, p1=329, p2=2085, p3=0, p4=0, p5=123, sr=84, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7407ca45-Z--
--9d88ac62-A--
[01/Jul/2026:09:02:57.269916 +0000] akTXwbAM1NZ4Hek69xzL7AAAAAQ 43.157.243.191 53364 172.26.37.160 7081
--9d88ac62-B--
GET /wp-json/wp/v2/users?per_page=100&_fields=id,slug HTTP/1.1
Host: avmhk.com
X-Real-IP: 43.157.243.191
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="143", "Chromium";v="143"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
--9d88ac62-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9d88ac62-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTXwbAM1NZ4Hek69xzL7AAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782896577263821 10029 (- - -)
Stopwatch2: 1782896577263821 10029; combined=1488, p1=281, p2=836, p3=0, p4=0, p5=370, sr=61, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9d88ac62-Z--
--0ccff326-A--
[01/Jul/2026:09:02:58.905518 +0000] akTXwk5ZukFkf9XpqIngcgAAAIA 194.60.201.146 53404 172.26.37.160 7081
--0ccff326-B--
GET /wp-json/wp/v2/users?per_page=100&_fields=id,slug HTTP/1.1
Host: avmhk.com
X-Real-IP: 194.60.201.146
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="143", "Chromium";v="143"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
--0ccff326-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0ccff326-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTXwk5ZukFkf9XpqIngcgAAAIA"]
Action: Intercepted (phase 2)
Stopwatch: 1782896578903074 2525 (- - -)
Stopwatch2: 1782896578903074 2525; combined=1191, p1=291, p2=852, p3=0, p4=0, p5=47, sr=75, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0ccff326-Z--
--de4a7c50-A--
[01/Jul/2026:09:03:09.508752 +0000] akTXzbAM1NZ4Hek69xzMMwAAAA0 194.60.201.146 50772 172.26.37.160 7081
--de4a7c50-B--
GET /wp-json/wp/v2/users?include=1,3&_fields=id,slug HTTP/1.1
Host: avmhk.com
X-Real-IP: 194.60.201.146
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="143", "Chromium";v="143"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
--de4a7c50-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--de4a7c50-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTXzbAM1NZ4Hek69xzMMwAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782896589506274 2584 (- - -)
Stopwatch2: 1782896589506274 2584; combined=1161, p1=289, p2=801, p3=0, p4=0, p5=70, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--de4a7c50-Z--
--a9409c28-A--
[01/Jul/2026:09:03:10.849334 +0000] akTXzk5ZukFkf9XpqIngowAAAJQ 78.142.18.172 50804 172.26.37.160 7081
--a9409c28-B--
GET /wp-json/wp/v2/users?include=1,3&_fields=id,slug HTTP/1.1
Host: avmhk.com
X-Real-IP: 78.142.18.172
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="143", "Chromium";v="143"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
--a9409c28-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a9409c28-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTXzk5ZukFkf9XpqIngowAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782896590845224 4183 (- - -)
Stopwatch2: 1782896590845224 4183; combined=2727, p1=316, p2=2362, p3=0, p4=0, p5=48, sr=76, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a9409c28-Z--
--6b856a3e-A--
[01/Jul/2026:09:03:30.085983 +0000] akTX4k5ZukFkf9XpqIngsQAAAIo 103.166.182.186 37990 172.26.37.160 7081
--6b856a3e-B--
GET /wp-json/wp/v2/users?include=3&_fields=id,slug HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.166.182.186
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="143", "Chromium";v="143"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
--6b856a3e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6b856a3e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTX4k5ZukFkf9XpqIngsQAAAIo"]
Action: Intercepted (phase 2)
Stopwatch: 1782896610083330 2743 (- - -)
Stopwatch2: 1782896610083330 2743; combined=1267, p1=320, p2=881, p3=0, p4=0, p5=64, sr=82, sw=2, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6b856a3e-Z--
--91f0d236-A--
[01/Jul/2026:09:03:31.151721 +0000] akTX47AM1NZ4Hek69xzMRgAAAAE 185.56.171.17 38006 172.26.37.160 7081
--91f0d236-B--
GET /wp-json/wp/v2/users?include=3&_fields=id,slug HTTP/1.1
Host: avmhk.com
X-Real-IP: 185.56.171.17
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="143", "Chromium";v="143"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
--91f0d236-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--91f0d236-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akTX47AM1NZ4Hek69xzMRgAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782896611147375 5294 (- - -)
Stopwatch2: 1782896611147375 5294; combined=1620, p1=305, p2=1251, p3=0, p4=0, p5=63, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--91f0d236-Z--
--b5ac0930-A--
[01/Jul/2026:09:04:45.295342 +0000] akTYLU5ZukFkf9XpqIng2wAAAIM 110.226.239.222 51962 172.26.37.160 7081
--b5ac0930-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 110.226.239.222
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b5ac0930-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b5ac0930-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.226.239.222 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTYLU5ZukFkf9XpqIng2wAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782896685291498 3907 (- - -)
Stopwatch2: 1782896685291498 3907; combined=2562, p1=323, p2=2055, p3=0, p4=0, p5=119, sr=81, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b5ac0930-Z--
--c6bde510-A--
[01/Jul/2026:09:07:33.710378 +0000] akTY1U5ZukFkf9XpqInhJQAAAI8 5.206.227.80 58294 172.26.37.160 7080
--c6bde510-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 5.206.227.80
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--c6bde510-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--c6bde510-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akTY1U5ZukFkf9XpqInhJQAAAI8"]
Action: Intercepted (phase 1)
Stopwatch: 1782896853709863 554 (- - -)
Stopwatch2: 1782896853709863 554; combined=241, p1=191, p2=0, p3=0, p4=0, p5=50, sr=84, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c6bde510-Z--
--1a809222-A--
[01/Jul/2026:09:07:34.574476 +0000] akTY1k5ZukFkf9XpqInhJwAAAI0 5.206.227.80 60398 172.26.37.160 7081
--1a809222-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 5.206.227.80
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--1a809222-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--1a809222-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akTY1k5ZukFkf9XpqInhJwAAAI0"]
Action: Intercepted (phase 1)
Stopwatch: 1782896854573758 756 (- - -)
Stopwatch2: 1782896854573758 756; combined=477, p1=427, p2=0, p3=0, p4=0, p5=49, sr=318, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a809222-Z--
--99a75f3a-A--
[01/Jul/2026:09:08:33.333880 +0000] akTZEdXDG6AyyG2HW2QGlwAAANA 162.158.88.117 42892 172.26.37.160 7081
--99a75f3a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a144444c39bbfe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--99a75f3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--99a75f3a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTZEdXDG6AyyG2HW2QGlwAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782896913329792 4220 (- - -)
Stopwatch2: 1782896913329792 4220; combined=1707, p1=335, p2=1146, p3=0, p4=0, p5=151, sr=89, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--99a75f3a-Z--
--4d598c58-A--
[01/Jul/2026:09:10:09.723011 +0000] akTZcdXDG6AyyG2HW2QHAgAAANQ 162.158.88.117 52524 172.26.37.160 7081
--4d598c58-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a14446a6aab5fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4d598c58-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4d598c58-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTZcdXDG6AyyG2HW2QHAgAAANQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782897009719767 3386 (- - -)
Stopwatch2: 1782897009719767 3386; combined=1580, p1=322, p2=1077, p3=0, p4=0, p5=115, sr=82, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4d598c58-Z--
--3d3fe02b-A--
[01/Jul/2026:09:10:30.951421 +0000] akTZhtXDG6AyyG2HW2QHKAAAAMc 162.158.88.117 53406 172.26.37.160 7081
--3d3fe02b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a144472b5de9fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3d3fe02b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3d3fe02b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTZhtXDG6AyyG2HW2QHKAAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782897030948293 3229 (- - -)
Stopwatch2: 1782897030948293 3229; combined=1521, p1=312, p2=1047, p3=0, p4=0, p5=106, sr=75, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3d3fe02b-Z--
--9a87bf2f-A--
[01/Jul/2026:09:11:45.814660 +0000] akTZ0dXDG6AyyG2HW2QHeAAAAM4 162.158.88.117 37554 172.26.37.160 7081
--9a87bf2f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a14448ff3d2cfe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9a87bf2f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9a87bf2f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTZ0dXDG6AyyG2HW2QHeAAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782897105811319 3427 (- - -)
Stopwatch2: 1782897105811319 3427; combined=2239, p1=359, p2=1720, p3=0, p4=0, p5=105, sr=89, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9a87bf2f-Z--
--7ea9e106-A--
[01/Jul/2026:09:11:56.477149 +0000] akTZ3LAM1NZ4Hek69xzN5wAAAAE 162.158.88.117 43490 172.26.37.160 7081
--7ea9e106-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1444941df31fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7ea9e106-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7ea9e106-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTZ3LAM1NZ4Hek69xzN5wAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782897116471833 8039 (- - -)
Stopwatch2: 1782897116471833 8039; combined=2517, p1=775, p2=1548, p3=0, p4=0, p5=130, sr=66, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7ea9e106-Z--
--d8f7423b-A--
[01/Jul/2026:09:13:11.486904 +0000] akTaJ05ZukFkf9XpqIniwwAAAJA 162.158.88.117 37252 172.26.37.160 7081
--d8f7423b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a1444b16af33fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--d8f7423b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d8f7423b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTaJ05ZukFkf9XpqIniwwAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782897191483692 3303 (- - -)
Stopwatch2: 1782897191483692 3303; combined=2050, p1=771, p2=1114, p3=0, p4=0, p5=107, sr=521, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d8f7423b-Z--
--9c4cab0f-A--
[01/Jul/2026:09:13:22.203763 +0000] akTaMk5ZukFkf9XpqInixQAAAIk 162.158.88.117 50692 172.26.37.160 7081
--9c4cab0f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1444b59aab1fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9c4cab0f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9c4cab0f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTaMk5ZukFkf9XpqInixQAAAIk"]
Action: Intercepted (phase 2)
Stopwatch: 1782897202200845 3017 (- - -)
Stopwatch2: 1782897202200845 3017; combined=1575, p1=314, p2=1104, p3=0, p4=0, p5=103, sr=75, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9c4cab0f-Z--
--2fd89615-A--
[01/Jul/2026:09:14:15.815689 +0000] akTaZ9XDG6AyyG2HW2QHpQAAAM8 162.158.88.117 58348 172.26.37.160 7081
--2fd89615-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a1444ca8bbe1fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--2fd89615-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2fd89615-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTaZ9XDG6AyyG2HW2QHpQAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782897255812892 2880 (- - -)
Stopwatch2: 1782897255812892 2880; combined=1574, p1=313, p2=1085, p3=0, p4=0, p5=119, sr=72, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2fd89615-Z--
--07555414-A--
[01/Jul/2026:09:14:21.466162 +0000] akTabdXDG6AyyG2HW2QHpwAAAMo 137.184.198.188 58462 172.26.37.160 7081
--07555414-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 137.184.198.188
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://preemptivestrategies.hk/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--07555414-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--07555414-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTabdXDG6AyyG2HW2QHpwAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782897261463876 2337 (- - -)
Stopwatch2: 1782897261463876 2337; combined=870, p1=300, p2=500, p3=0, p4=0, p5=70, sr=69, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--07555414-Z--
--1673ef51-A--
[01/Jul/2026:09:14:26.616129 +0000] akTacrAM1NZ4Hek69xzOKQAAABQ 162.158.88.117 52360 172.26.37.160 7081
--1673ef51-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1444cec2911fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1673ef51-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1673ef51-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTacrAM1NZ4Hek69xzOKQAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782897266610972 6181 (- - -)
Stopwatch2: 1782897266610972 6181; combined=1608, p1=318, p2=1097, p3=0, p4=0, p5=124, sr=72, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1673ef51-Z--
--db0a3417-A--
[01/Jul/2026:09:15:30.923960 +0000] akTask5ZukFkf9XpqInjFwAAAJg 162.158.88.117 40466 172.26.37.160 7081
--db0a3417-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a1444e7e28b9fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--db0a3417-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--db0a3417-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTask5ZukFkf9XpqInjFwAAAJg"]
Action: Intercepted (phase 2)
Stopwatch: 1782897330920539 3512 (- - -)
Stopwatch2: 1782897330920539 3512; combined=1612, p1=339, p2=1090, p3=0, p4=0, p5=123, sr=74, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--db0a3417-Z--
--081b0042-A--
[01/Jul/2026:09:15:43.903362 +0000] akTavtXDG6AyyG2HW2QH8AAAAMc 34.48.138.189 43814 172.26.37.160 7081
--081b0042-B--
GET /wp-content/themes/woodmart/css/parts/woo-mod-add-btn-replace.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 34.48.138.189
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=0
--081b0042-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/css/parts/woo-mod-add-btn-replace.min.css
Content-Length: 0
Content-Type: text/css
--081b0042-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "110.226.239.222_b94b7707dc9fdda27f2f71730df44cfd85e521f7"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "110.226.239.222_b94b7707dc9fdda27f2f71730df44cfd85e521f7"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/woo-mod-add-btn-replace.min.css"] [unique_id "akTavtXDG6AyyG2HW2QH8AAAAMc"]
Stopwatch: 1782897342335325 1570982 (- - -)
Stopwatch2: 1782897342335325 1570982; combined=3090332, p1=199, p2=34076, p3=22, p4=19, p5=1528020, sr=50, sw=1, l=0, gc=1527995
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--081b0042-Z--
--3d3fd713-A--
[01/Jul/2026:09:16:13.827990 +0000] akTa3dXDG6AyyG2HW2QIVAAAAM8 162.158.88.117 39212 172.26.37.160 7081
--3d3fd713-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 701
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1444f8a4d90fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3d3fd713-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3d3fd713-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTa3dXDG6AyyG2HW2QIVAAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782897373825131 2938 (- - -)
Stopwatch2: 1782897373825131 2938; combined=1804, p1=528, p2=1115, p3=0, p4=0, p5=105, sr=73, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3d3fd713-Z--
--0135de06-A--
[01/Jul/2026:09:17:49.969547 +0000] akTbPU5ZukFkf9XpqInkLwAAAJE 162.158.88.117 52934 172.26.37.160 7081
--0135de06-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a14451e33985fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0135de06-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0135de06-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTbPU5ZukFkf9XpqInkLwAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782897469963496 9654 (- - -)
Stopwatch2: 1782897469963496 9654; combined=5376, p1=301, p2=1086, p3=0, p4=0, p5=2026, sr=67, sw=1963, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0135de06-Z--
--83cf782e-A--
[01/Jul/2026:09:18:22.072457 +0000] akTbXh9eA2Q92AizAorz1gAAAFg 162.158.88.117 51380 172.26.37.160 7081
--83cf782e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a14452abdbcbfe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--83cf782e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--83cf782e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTbXh9eA2Q92AizAorz1gAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782897502068815 3748 (- - -)
Stopwatch2: 1782897502068815 3748; combined=2096, p1=345, p2=1580, p3=0, p4=0, p5=110, sr=81, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--83cf782e-Z--
--930c6e49-A--
[01/Jul/2026:09:19:26.699533 +0000] akTbnk5ZukFkf9XpqInkRQAAAII 162.158.88.117 58394 172.26.37.160 7081
--930c6e49-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a144543fb8f8fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--930c6e49-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--930c6e49-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTbnk5ZukFkf9XpqInkRQAAAII"]
Action: Intercepted (phase 2)
Stopwatch: 1782897566696075 3556 (- - -)
Stopwatch2: 1782897566696075 3556; combined=1636, p1=351, p2=1095, p3=0, p4=0, p5=127, sr=78, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--930c6e49-Z--
--71afdb24-A--
[01/Jul/2026:09:20:09.576556 +0000] akTbyU5ZukFkf9XpqInkVQAAAI8 162.158.88.117 49734 172.26.37.160 7081
--71afdb24-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a144554bcd2ffe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--71afdb24-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--71afdb24-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTbyU5ZukFkf9XpqInkVQAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782897609573072 3572 (- - -)
Stopwatch2: 1782897609573072 3572; combined=2084, p1=356, p2=1539, p3=0, p4=0, p5=119, sr=89, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--71afdb24-Z--
--5169be63-A--
[01/Jul/2026:09:20:41.655760 +0000] akTb6dXDG6AyyG2HW2QI2wAAANg 162.158.88.117 46634 172.26.37.160 7081
--5169be63-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a14456143ba0fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5169be63-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5169be63-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTb6dXDG6AyyG2HW2QI2wAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782897641651942 3909 (- - -)
Stopwatch2: 1782897641651942 3909; combined=2497, p1=354, p2=1942, p3=0, p4=0, p5=135, sr=94, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5169be63-Z--
--c9cda051-A--
[01/Jul/2026:09:21:56.736185 +0000] akTcNE5ZukFkf9XpqInkbgAAAIc 162.158.88.117 53894 172.26.37.160 7081
--c9cda051-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a14457e96916fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c9cda051-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c9cda051-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTcNE5ZukFkf9XpqInkbgAAAIc"]
Action: Intercepted (phase 2)
Stopwatch: 1782897716733078 3197 (- - -)
Stopwatch2: 1782897716733078 3197; combined=1633, p1=357, p2=1095, p3=0, p4=0, p5=118, sr=77, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c9cda051-Z--
--6e15ae30-A--
[01/Jul/2026:09:22:07.305393 +0000] akTcP05ZukFkf9XpqInkcQAAAIM 162.158.88.117 51920 172.26.37.160 7081
--6e15ae30-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a144582b8a6bfe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6e15ae30-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6e15ae30-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTcP05ZukFkf9XpqInkcQAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782897727301953 3530 (- - -)
Stopwatch2: 1782897727301953 3530; combined=1577, p1=358, p2=1027, p3=0, p4=0, p5=126, sr=91, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6e15ae30-Z--
--acfe0a57-A--
[01/Jul/2026:09:23:11.573294 +0000] akTcf9XDG6AyyG2HW2QI8gAAAMk 162.158.88.117 34772 172.26.37.160 7081
--acfe0a57-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a14459bd3d89fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--acfe0a57-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--acfe0a57-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTcf9XDG6AyyG2HW2QI8gAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782897791566761 6652 (- - -)
Stopwatch2: 1782897791566761 6652; combined=4817, p1=3054, p2=1529, p3=0, p4=0, p5=155, sr=78, sw=79, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--acfe0a57-Z--
--8ff8c359-A--
[01/Jul/2026:09:24:37.296654 +0000] akTc1dXDG6AyyG2HW2QJFAAAAMg 162.158.88.117 48618 172.26.37.160 7081
--8ff8c359-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1445bd50f4ffe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8ff8c359-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8ff8c359-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTc1dXDG6AyyG2HW2QJFAAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782897877293478 3295 (- - -)
Stopwatch2: 1782897877293478 3295; combined=1568, p1=318, p2=1075, p3=0, p4=0, p5=113, sr=74, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8ff8c359-Z--
--d4f55b4b-A--
[01/Jul/2026:09:24:48.086487 +0000] akTc4NXDG6AyyG2HW2QJGQAAAMA 162.158.88.117 50898 172.26.37.160 7081
--d4f55b4b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a1445c186f68fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--d4f55b4b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d4f55b4b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTc4NXDG6AyyG2HW2QJGQAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782897888083198 3380 (- - -)
Stopwatch2: 1782897888083198 3380; combined=1574, p1=321, p2=1078, p3=0, p4=0, p5=116, sr=80, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d4f55b4b-Z--
--0ec66b6a-A--
[01/Jul/2026:09:26:35.229811 +0000] akTdS05ZukFkf9XpqInk6QAAAIw 162.158.88.117 40212 172.26.37.160 7081
--0ec66b6a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1445eb61fb1fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0ec66b6a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0ec66b6a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTdS05ZukFkf9XpqInk6QAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782897995226658 3237 (- - -)
Stopwatch2: 1782897995226658 3237; combined=2069, p1=830, p2=1073, p3=0, p4=0, p5=109, sr=80, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0ec66b6a-Z--
--e539a85f-A--
[01/Jul/2026:09:28:00.569922 +0000] akTdoB9eA2Q92AizAor0QAAAAEw 162.158.88.117 56194 172.26.37.160 7081
--e539a85f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a14460cb6f36fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e539a85f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e539a85f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTdoB9eA2Q92AizAor0QAAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782898080566057 3950 (- - -)
Stopwatch2: 1782898080566057 3950; combined=2069, p1=317, p2=1554, p3=0, p4=0, p5=133, sr=73, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e539a85f-Z--
--791ca570-A--
[01/Jul/2026:09:28:32.854273 +0000] akTdwB9eA2Q92AizAor0RAAAAEo 162.158.88.117 42040 172.26.37.160 7081
--791ca570-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a14461953e73fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--791ca570-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--791ca570-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTdwB9eA2Q92AizAor0RAAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782898112849478 4889 (- - -)
Stopwatch2: 1782898112849478 4889; combined=2466, p1=777, p2=1494, p3=0, p4=0, p5=132, sr=66, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--791ca570-Z--
--f077f766-A--
[01/Jul/2026:09:29:37.587887 +0000] akTeAdXDG6AyyG2HW2QJiQAAANY 162.158.88.117 34608 172.26.37.160 7081
--f077f766-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a1446329df40fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f077f766-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f077f766-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTeAdXDG6AyyG2HW2QJiQAAANY"]
Action: Intercepted (phase 2)
Stopwatch: 1782898177584695 3302 (- - -)
Stopwatch2: 1782898177584695 3302; combined=1592, p1=339, p2=1087, p3=0, p4=0, p5=108, sr=96, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f077f766-Z--
--3479ac08-A--
[01/Jul/2026:09:30:09.794156 +0000] akTeIdXDG6AyyG2HW2QJjAAAANc 162.158.88.117 35872 172.26.37.160 7081
--3479ac08-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a14463f31bb7fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3479ac08-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3479ac08-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTeIdXDG6AyyG2HW2QJjAAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782898209791235 3023 (- - -)
Stopwatch2: 1782898209791235 3023; combined=1653, p1=333, p2=1143, p3=0, p4=0, p5=115, sr=84, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3479ac08-Z--
--d1bd9609-A--
[01/Jul/2026:09:31:35.672704 +0000] akTed9XDG6AyyG2HW2QJugAAAME 162.158.88.117 60058 172.26.37.160 7081
--d1bd9609-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-IN
cf-ray: a144660bdaa0fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--d1bd9609-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d1bd9609-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTed9XDG6AyyG2HW2QJugAAAME"]
Action: Intercepted (phase 2)
Stopwatch: 1782898295669308 3481 (- - -)
Stopwatch2: 1782898295669308 3481; combined=2103, p1=598, p2=1308, p3=0, p4=0, p5=130, sr=73, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d1bd9609-Z--
--7e20ec02-A--
[01/Jul/2026:09:32:07.637534 +0000] akTel05ZukFkf9XpqInlfgAAAIg 162.158.88.117 51814 172.26.37.160 7081
--7e20ec02-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.88.117
X-Forwarded-For: 202.141.8.116
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-IN
cf-ray: a14466d39e61fe17-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 202.141.8.116
cf-ipcountry: IN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7e20ec02-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7e20ec02-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.141.8.116 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akTel05ZukFkf9XpqInlfgAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782898327632693 4934 (- - -)
Stopwatch2: 1782898327632693 4934; combined=2907, p1=345, p2=2003, p3=0, p4=0, p5=493, sr=102, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7e20ec02-Z--
--06ded664-A--
[01/Jul/2026:09:33:05.298401 +0000] akTe0dXDG6AyyG2HW2QKGgAAAMY 164.92.168.129 33714 172.26.37.160 7081
--06ded664-B--
GET /.git/config HTTP/1.1
Host: eonhk.com
X-Real-IP: 164.92.168.129
X-Accel-Internal: /internal-nginx-static-location
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--06ded664-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--06ded664-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.git/config"] [unique_id "akTe0dXDG6AyyG2HW2QKGgAAAMY"]
Action: Intercepted (phase 1)
Stopwatch: 1782898385297834 619 (- - -)
Stopwatch2: 1782898385297834 619; combined=242, p1=188, p2=0, p3=0, p4=0, p5=53, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--06ded664-Z--
--68b16e65-A--
[01/Jul/2026:09:34:12.006998 +0000] akTfFB9eA2Q92AizAor00AAAAEM 213.171.208.62 58774 172.26.37.160 7081
--68b16e65-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: avmhk.com
X-Real-IP: 213.171.208.62
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46QWRtaW4xMjM=
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
--68b16e65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--68b16e65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTfFB9eA2Q92AizAor00AAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782898452004794 2290 (- - -)
Stopwatch2: 1782898452004794 2290; combined=853, p1=302, p2=501, p3=0, p4=0, p5=49, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--68b16e65-Z--
--c5371604-A--
[01/Jul/2026:09:44:55.974430 +0000] akThl9XDG6AyyG2HW2QKpQAAANY 2.50.175.79 52006 172.26.37.160 7081
--c5371604-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c5371604-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c5371604-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akThl9XDG6AyyG2HW2QKpQAAANY"]
Action: Intercepted (phase 2)
Stopwatch: 1782899095970795 3725 (- - -)
Stopwatch2: 1782899095970795 3725; combined=1991, p1=364, p2=1449, p3=0, p4=0, p5=115, sr=74, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c5371604-Z--
--ff53e917-A--
[01/Jul/2026:09:45:03.333291 +0000] akThn9XDG6AyyG2HW2QKpgAAAMc 162.158.210.58 52068 172.26.37.160 7081
--ff53e917-B--
GET /.git/HEAD HTTP/1.1
Host: immunehk.com
X-Real-IP: 162.158.210.58
X-Forwarded-For: 91.92.241.196
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
cf-ray: a14479c0cd0cd0ec-SOF
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 91.92.241.196
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
--ff53e917-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ff53e917-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/.git/HEAD"] [unique_id "akThn9XDG6AyyG2HW2QKpgAAAMc"]
Action: Intercepted (phase 1)
Stopwatch: 1782899103332103 1256 (- - -)
Stopwatch2: 1782899103332103 1256; combined=251, p1=194, p2=0, p3=0, p4=0, p5=56, sr=75, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ff53e917-Z--
--70a4ad16-A--
[01/Jul/2026:09:45:04.058401 +0000] akThoNXDG6AyyG2HW2QKpwAAANA 162.158.210.58 52096 172.26.37.160 7081
--70a4ad16-B--
GET /.git/config HTTP/1.1
Host: immunehk.com
X-Real-IP: 162.158.210.58
X-Forwarded-For: 91.92.241.196
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
cf-ray: a14479c7cf4fd0e4-SOF
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 91.92.241.196
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
--70a4ad16-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--70a4ad16-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/.git/config"] [unique_id "akThoNXDG6AyyG2HW2QKpwAAANA"]
Action: Intercepted (phase 1)
Stopwatch: 1782899104057805 664 (- - -)
Stopwatch2: 1782899104057805 664; combined=264, p1=209, p2=0, p3=0, p4=0, p5=55, sr=88, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--70a4ad16-Z--
--3c02ec0b-A--
[01/Jul/2026:09:45:49.632260 +0000] akThzdXDG6AyyG2HW2QKrAAAAMA 2.50.175.79 46070 172.26.37.160 7081
--3c02ec0b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--3c02ec0b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3c02ec0b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akThzdXDG6AyyG2HW2QKrAAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782899149628587 3731 (- - -)
Stopwatch2: 1782899149628587 3731; combined=2387, p1=348, p2=1850, p3=0, p4=0, p5=129, sr=87, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3c02ec0b-Z--
--94e6fe1b-A--
[01/Jul/2026:09:47:48.004491 +0000] akTiRE5ZukFkf9XpqInmpQAAAI8 2.50.175.79 38250 172.26.37.160 7081
--94e6fe1b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--94e6fe1b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--94e6fe1b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTiRE5ZukFkf9XpqInmpQAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782899268000160 4398 (- - -)
Stopwatch2: 1782899268000160 4398; combined=2310, p1=355, p2=1700, p3=0, p4=0, p5=161, sr=79, sw=94, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--94e6fe1b-Z--
--d6de133a-A--
[01/Jul/2026:09:48:31.465741 +0000] akTib05ZukFkf9XpqInmuQAAAIQ 2.50.175.79 46300 172.26.37.160 7081
--d6de133a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d6de133a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d6de133a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTib05ZukFkf9XpqInmuQAAAIQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782899311462959 2838 (- - -)
Stopwatch2: 1782899311462959 2838; combined=1515, p1=344, p2=982, p3=0, p4=0, p5=129, sr=87, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d6de133a-Z--
--e1dc9e0c-A--
[01/Jul/2026:09:49:03.804333 +0000] akTijx9eA2Q92AizAor1bQAAAEo 2.50.175.79 43168 172.26.37.160 7081
--e1dc9e0c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e1dc9e0c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e1dc9e0c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTijx9eA2Q92AizAor1bQAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782899343801165 3224 (- - -)
Stopwatch2: 1782899343801165 3224; combined=1535, p1=345, p2=1004, p3=0, p4=0, p5=126, sr=79, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e1dc9e0c-Z--
--99ecba06-A--
[01/Jul/2026:09:49:29.635803 +0000] akTiqdXDG6AyyG2HW2QLAAAAAM4 91.92.42.120 46144 172.26.37.160 7081
--99ecba06-B--
GET /wp-config.php HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 91.92.42.120
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36
referer: http://preemptivestrategies.hk/wp-config.php
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--99ecba06-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--99ecba06-H--
Message: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-config.php"] [unique_id "akTiqdXDG6AyyG2HW2QLAAAAAM4"]
Action: Intercepted (phase 1)
Stopwatch: 1782899369635222 641 (- - -)
Stopwatch2: 1782899369635222 641; combined=244, p1=194, p2=0, p3=0, p4=0, p5=49, sr=79, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--99ecba06-Z--
--30480c63-A--
[01/Jul/2026:09:49:30.113151 +0000] akTiqtXDG6AyyG2HW2QLAQAAAMY 91.92.42.120 46152 172.26.37.160 7081
--30480c63-B--
GET /.env HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 91.92.42.120
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
referer: http://preemptivestrategies.hk/.env
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--30480c63-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--30480c63-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.preemptivestrategies.hk"] [uri "/.env"] [unique_id "akTiqtXDG6AyyG2HW2QLAQAAAMY"]
Action: Intercepted (phase 1)
Stopwatch: 1782899370112393 821 (- - -)
Stopwatch2: 1782899370112393 821; combined=401, p1=190, p2=0, p3=0, p4=0, p5=210, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--30480c63-Z--
--02caef41-A--
[01/Jul/2026:09:49:31.263954 +0000] akTiq9XDG6AyyG2HW2QLAwAAANg 91.92.42.120 46172 172.26.37.160 7081
--02caef41-B--
GET /.git/config HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 91.92.42.120
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
referer: http://preemptivestrategies.hk/.git/config
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--02caef41-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--02caef41-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.preemptivestrategies.hk"] [uri "/.git/config"] [unique_id "akTiq9XDG6AyyG2HW2QLAwAAANg"]
Action: Intercepted (phase 1)
Stopwatch: 1782899371262520 1521 (- - -)
Stopwatch2: 1782899371262520 1521; combined=220, p1=170, p2=0, p3=0, p4=0, p5=50, sr=63, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--02caef41-Z--
--6b4bf921-A--
[01/Jul/2026:09:49:34.612763 +0000] akTirk5ZukFkf9XpqInm1AAAAIg 185.243.242.216 49728 172.26.37.160 7081
--6b4bf921-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 185.243.242.216
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://preemptivestrategies.hk/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0
--6b4bf921-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6b4bf921-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTirk5ZukFkf9XpqInm1AAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782899374610203 2611 (- - -)
Stopwatch2: 1782899374610203 2611; combined=1200, p1=306, p2=825, p3=0, p4=0, p5=68, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6b4bf921-Z--
--412a0d5c-A--
[01/Jul/2026:09:49:46.747107 +0000] akTiuk5ZukFkf9XpqInm1gAAAII 2.50.175.79 47004 172.26.37.160 7081
--412a0d5c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--412a0d5c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--412a0d5c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTiuk5ZukFkf9XpqInm1gAAAII"]
Action: Intercepted (phase 2)
Stopwatch: 1782899386743835 3379 (- - -)
Stopwatch2: 1782899386743835 3379; combined=1723, p1=324, p2=1229, p3=0, p4=0, p5=111, sr=81, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--412a0d5c-Z--
--e0b1fc4d-A--
[01/Jul/2026:09:50:08.382039 +0000] akTi0E5ZukFkf9XpqInm2gAAAIE 2.50.175.79 49260 172.26.37.160 7081
--e0b1fc4d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e0b1fc4d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e0b1fc4d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTi0E5ZukFkf9XpqInm2gAAAIE"]
Action: Intercepted (phase 2)
Stopwatch: 1782899408378614 3510 (- - -)
Stopwatch2: 1782899408378614 3510; combined=2198, p1=1015, p2=1004, p3=0, p4=0, p5=114, sr=73, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e0b1fc4d-Z--
--1a98913b-A--
[01/Jul/2026:09:51:56.147457 +0000] akTjPE5ZukFkf9XpqInnBQAAAJQ 2.50.175.79 40444 172.26.37.160 7081
--1a98913b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--1a98913b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1a98913b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTjPE5ZukFkf9XpqInnBQAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782899516144414 3099 (- - -)
Stopwatch2: 1782899516144414 3099; combined=1811, p1=344, p2=1236, p3=0, p4=0, p5=142, sr=82, sw=89, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a98913b-Z--
--1a71d36b-A--
[01/Jul/2026:09:53:00.606697 +0000] akTjfNXDG6AyyG2HW2QLUgAAAMI 2.50.175.79 47708 172.26.37.160 7081
--1a71d36b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--1a71d36b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1a71d36b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTjfNXDG6AyyG2HW2QLUgAAAMI"]
Action: Intercepted (phase 2)
Stopwatch: 1782899580602893 4078 (- - -)
Stopwatch2: 1782899580602893 4078; combined=1995, p1=369, p2=1414, p3=0, p4=0, p5=141, sr=125, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a71d36b-Z--
--5a8bd13a-A--
[01/Jul/2026:09:53:11.317299 +0000] akTjh05ZukFkf9XpqInnGQAAAJE 2.50.175.79 33038 172.26.37.160 7081
--5a8bd13a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5a8bd13a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5a8bd13a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTjh05ZukFkf9XpqInnGQAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782899591313032 4324 (- - -)
Stopwatch2: 1782899591313032 4324; combined=2900, p1=348, p2=2364, p3=0, p4=0, p5=123, sr=76, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5a8bd13a-Z--
--c8792b13-A--
[01/Jul/2026:09:54:05.797729 +0000] akTjvR9eA2Q92AizAor13gAAAE4 2.50.175.79 58582 172.26.37.160 7081
--c8792b13-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c8792b13-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c8792b13-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTjvR9eA2Q92AizAor13gAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782899645611769 186035 (- - -)
Stopwatch2: 1782899645611769 186035; combined=365347, p1=1129, p2=1484, p3=0, p4=0, p5=181393, sr=67, sw=181341, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c8792b13-Z--
--e295cd3e-A--
[01/Jul/2026:09:54:27.236531 +0000] akTj005ZukFkf9XpqInncQAAAIs 2.50.175.79 58828 172.26.37.160 7081
--e295cd3e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e295cd3e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e295cd3e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTj005ZukFkf9XpqInncQAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782899667233828 3588 (- - -)
Stopwatch2: 1782899667233828 3588; combined=1772, p1=911, p2=704, p3=0, p4=0, p5=102, sr=84, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e295cd3e-Z--
--8b90461d-A--
[01/Jul/2026:09:56:15.172229 +0000] akTkPx9eA2Q92AizAor2FAAAAEw 2.50.175.79 35946 172.26.37.160 7081
--8b90461d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--8b90461d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8b90461d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTkPx9eA2Q92AizAor2FAAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782899775164230 12722 (- - -)
Stopwatch2: 1782899775164230 12722; combined=3123, p1=339, p2=2568, p3=0, p4=0, p5=145, sr=75, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8b90461d-Z--
--9509495b-A--
[01/Jul/2026:09:56:36.855898 +0000] akTkVNXDG6AyyG2HW2QL3wAAANQ 2.50.175.79 52226 172.26.37.160 7081
--9509495b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9509495b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9509495b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTkVNXDG6AyyG2HW2QL3wAAANQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782899796852976 2978 (- - -)
Stopwatch2: 1782899796852976 2978; combined=1767, p1=345, p2=1248, p3=0, p4=0, p5=113, sr=77, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9509495b-Z--
--802ad82d-A--
[01/Jul/2026:09:57:15.653538 +0000] akTke05ZukFkf9XpqInn@QAAAIU 195.160.223.246 54124 172.26.37.160 7081
--802ad82d-B--
GET /.git/HEAD?_=86SwXaiM HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 195.160.223.246
X-Forwarded-For: 64.201.171.47, 138.96.51.5, 127.0.0.1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
priority: u=0, i
cf-connecting-ip: 64.201.171.47
true-client-ip: 64.201.171.47
x-originating-ip: 127.0.0.1
x-client-ip: 127.0.0.1
x-remote-addr: 127.0.0.1
x-remote-ip: 127.0.0.1
x-cluster-client-ip: 127.0.0.1
x-proxyuser-ip: 127.0.0.1
x-custom-ip-authorization: 127.0.0.1
x-forwarded-host: localhost
x-host: localhost
x-forwarded-server: localhost
x-original-url: /.git/HEAD
x-rewrite-url: /.git/HEAD
x-override-url: /.git/HEAD
forwarded: for=127.0.0.1;host=localhost;proto=http,for=64.201.171.47;proto=https
via: 1.1 cache-4007.cloudflare.com (Squid/5.0)
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
accept-language: id-ID,id;q=0.9,en-US;q=0.8,en;q=0.7
accept-encoding: gzip, deflate, br, zstd
cache-control: max-age=0
upgrade-insecure-requests: 1
referer: https://duckduckgo.com/
cf-ipcountry: US
cf-ray: ae8ff7b0d62ef951-IAD
akamai-origin-hop: 1
x-akamai-config-log-detail: true
sec-ch-ua: "Google Chrome";v="124", "Chromium";v="124", "Not-A.Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: 15.0.0
sec-ch-ua-full-version-list: "Google Chrome";v="124", "Chromium";v="124", "Not-A.Brand";v="99"
--802ad82d-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--802ad82d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/HEAD"] [unique_id "akTke05ZukFkf9XpqInn@QAAAIU"]
Action: Intercepted (phase 1)
Stopwatch: 1782899835652148 1536 (- - -)
Stopwatch2: 1782899835652148 1536; combined=313, p1=242, p2=0, p3=0, p4=0, p5=71, sr=83, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--802ad82d-Z--
--00bf5a37-A--
[01/Jul/2026:09:57:15.814532 +0000] akTke9XDG6AyyG2HW2QL8AAAAMg 195.160.223.246 54130 172.26.37.160 7081
--00bf5a37-B--
POST /.git/HEAD?_=RrtsSYdD HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 195.160.223.246
X-Forwarded-For: 151.190.227.239, 90.79.79.83, 127.0.0.1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=1, i
cf-connecting-ip: 151.190.227.239
true-client-ip: 151.190.227.239
x-originating-ip: 127.0.0.1
x-client-ip: 127.0.0.1
x-remote-addr: 127.0.0.1
x-remote-ip: 127.0.0.1
x-cluster-client-ip: 127.0.0.1
x-proxyuser-ip: 127.0.0.1
x-custom-ip-authorization: 127.0.0.1
x-forwarded-host: localhost
x-host: localhost
x-forwarded-server: localhost
x-original-url: /.git/HEAD
x-rewrite-url: /.git/HEAD
x-override-url: /.git/HEAD
forwarded: for=127.0.0.1;host=localhost;proto=http,for=151.190.227.239;proto=https
via: 1.1 117.cloudfront.net (Squid/5.0)
cf-ipcountry: US
cf-ray: 380859f8811d7f62-IAD
akamai-origin-hop: 1
accept: application/json, text/plain, */*
accept-language: en-US,en;q=0.9,id;q=0.8
accept-encoding: gzip, deflate, br, zstd
sec-ch-ua: "Google Chrome";v="124", "Chromium";v="124", "Not-A.Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
--00bf5a37-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--00bf5a37-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/HEAD"] [unique_id "akTke9XDG6AyyG2HW2QL8AAAAMg"]
Action: Intercepted (phase 1)
Stopwatch: 1782899835813783 875 (- - -)
Stopwatch2: 1782899835813783 875; combined=241, p1=189, p2=0, p3=0, p4=0, p5=51, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--00bf5a37-Z--
--c8ddda0c-A--
[01/Jul/2026:09:57:15.973502 +0000] akTke05ZukFkf9XpqInn@gAAAJU 195.160.223.246 54144 172.26.37.160 7081
--c8ddda0c-B--
GET /.git/?_=O81gQTHM HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 195.160.223.246
X-Forwarded-For: 201.178.217.18, 76.129.32.85, 127.0.0.1
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
priority: u=0, i
cf-connecting-ip: 201.178.217.18
true-client-ip: 201.178.217.18
x-originating-ip: 127.0.0.1
x-client-ip: 127.0.0.1
x-remote-addr: 127.0.0.1
x-remote-ip: 127.0.0.1
x-cluster-client-ip: 127.0.0.1
x-proxyuser-ip: 127.0.0.1
x-custom-ip-authorization: 127.0.0.1
x-forwarded-host: localhost
x-host: localhost
x-forwarded-server: localhost
x-original-url: /.git/, /.git/HEAD
x-rewrite-url: /.git/
x-override-url: /.git/
forwarded: for=127.0.0.1;host=localhost;proto=http,for=201.178.217.18;proto=https
via: 1.1 a968.akamaiedge.net (Squid/5.0)
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
accept-language: en-GB,en;q=0.9,en-US;q=0.8
accept-encoding: gzip, deflate, br, zstd
cache-control: max-age=0
upgrade-insecure-requests: 1
referer: https://bing.com/search
cf-ipcountry: US
cf-ray: f54060381fa2c848-IAD
akamai-origin-hop: 1
x-akamai-config-log-detail: true
--c8ddda0c-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--c8ddda0c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/"] [unique_id "akTke05ZukFkf9XpqInn@gAAAJU"]
Action: Intercepted (phase 1)
Stopwatch: 1782899835973020 621 (- - -)
Stopwatch2: 1782899835973020 621; combined=251, p1=198, p2=0, p3=0, p4=0, p5=52, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c8ddda0c-Z--
--93b66343-A--
[01/Jul/2026:09:57:16.132149 +0000] akTkfE5ZukFkf9XpqInn@wAAAIM 195.160.223.246 54148 172.26.37.160 7081
--93b66343-B--
GET /.git/?_=JB0SGn8s HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 195.160.223.246
X-Forwarded-For: 140.217.146.100, 177.32.91.19, 127.0.0.1
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
sec-fetch-user: ?1
priority: u=0, i
cf-connecting-ip: 140.217.146.100
true-client-ip: 140.217.146.100
x-originating-ip: 127.0.0.1
x-client-ip: 127.0.0.1
x-remote-addr: 127.0.0.1
x-remote-ip: 127.0.0.1
x-cluster-client-ip: 127.0.0.1
x-proxyuser-ip: 127.0.0.1
x-custom-ip-authorization: 127.0.0.1
x-forwarded-host: localhost
x-host: localhost
x-forwarded-server: localhost
x-original-url: /.git/
x-rewrite-url: /.git/, /.git/HEAD
x-override-url: /.git/
forwarded: for=127.0.0.1;host=localhost;proto=http,for=140.217.146.100;proto=https
via: 1.1 168.cloudfront.net (Squid/5.0)
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
accept-language: en-GB,en;q=0.9,en-US;q=0.8
accept-encoding: gzip, deflate, br, zstd
cache-control: max-age=0
upgrade-insecure-requests: 1
referer: https://bing.com/search
cf-ipcountry: US
cf-ray: fc74c7d2d5316bb5-IAD
akamai-origin-hop: 1
x-akamai-config-log-detail: true
--93b66343-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--93b66343-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/"] [unique_id "akTkfE5ZukFkf9XpqInn@wAAAIM"]
Action: Intercepted (phase 1)
Stopwatch: 1782899836131416 864 (- - -)
Stopwatch2: 1782899836131416 864; combined=252, p1=193, p2=0, p3=0, p4=0, p5=58, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--93b66343-Z--
--2f430110-A--
[01/Jul/2026:09:57:16.293420 +0000] akTkfB9eA2Q92AizAor2JwAAAEI 195.160.223.246 54164 172.26.37.160 7081
--2f430110-B--
GET /.git/?_=lluXNRFP HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 195.160.223.246
X-Forwarded-For: 92.84.64.54, 21.123.170.10, 127.0.0.1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
priority: u=0, i
cf-connecting-ip: 92.84.64.54
true-client-ip: 92.84.64.54
x-originating-ip: 127.0.0.1
x-client-ip: 127.0.0.1
x-remote-addr: 127.0.0.1
x-remote-ip: 127.0.0.1
x-cluster-client-ip: 127.0.0.1
x-proxyuser-ip: 127.0.0.1
x-custom-ip-authorization: 127.0.0.1
x-forwarded-host: localhost
x-host: localhost
x-forwarded-server: localhost
x-original-url: /.git/
x-rewrite-url: /.git/
x-override-url: /.git/, /.git/HEAD
forwarded: for=127.0.0.1;host=localhost;proto=http,for=92.84.64.54;proto=https
via: 1.1 cache-5748.cloudflare.com (Squid/5.0)
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
accept-language: id-ID,id;q=0.9,en-US;q=0.8,en;q=0.7
accept-encoding: gzip, deflate, br, zstd
cache-control: max-age=0
upgrade-insecure-requests: 1
referer: https://duckduckgo.com/
cf-ipcountry: US
cf-ray: 0ee90013de0f03df-IAD
akamai-origin-hop: 1
x-akamai-config-log-detail: true
--2f430110-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--2f430110-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/"] [unique_id "akTkfB9eA2Q92AizAor2JwAAAEI"]
Action: Intercepted (phase 1)
Stopwatch: 1782899836292915 625 (- - -)
Stopwatch2: 1782899836292915 625; combined=235, p1=180, p2=0, p3=0, p4=0, p5=54, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2f430110-Z--
--92c7d427-A--
[01/Jul/2026:09:57:41.565377 +0000] akTklU5ZukFkf9XpqInn-wAAAJA 2.50.175.79 48352 172.26.37.160 7081
--92c7d427-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--92c7d427-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--92c7d427-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTklU5ZukFkf9XpqInn-wAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782899861561249 4191 (- - -)
Stopwatch2: 1782899861561249 4191; combined=2802, p1=1206, p2=1260, p3=0, p4=0, p5=275, sr=76, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--92c7d427-Z--
--65a71159-A--
[01/Jul/2026:09:58:57.082583 +0000] akTk4dXDG6AyyG2HW2QMIAAAAM8 2.50.175.79 42074 172.26.37.160 7081
--65a71159-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--65a71159-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--65a71159-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTk4dXDG6AyyG2HW2QMIAAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782899937078620 4213 (- - -)
Stopwatch2: 1782899937078620 4213; combined=1696, p1=315, p2=1209, p3=0, p4=0, p5=111, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--65a71159-Z--
--f75b9063-A--
[01/Jul/2026:10:00:02.135228 +0000] akTlIk5ZukFkf9XpqInoUQAAAJY 2.50.175.79 34570 172.26.37.160 7081
--f75b9063-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f75b9063-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f75b9063-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTlIk5ZukFkf9XpqInoUQAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782900002125416 10804 (- - -)
Stopwatch2: 1782900002125416 10804; combined=6329, p1=345, p2=5759, p3=0, p4=0, p5=151, sr=70, sw=74, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f75b9063-Z--
--5c698129-A--
[01/Jul/2026:10:01:07.060314 +0000] akTlY05ZukFkf9XpqInomQAAAJE 2.50.175.79 53154 172.26.37.160 7081
--5c698129-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5c698129-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5c698129-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTlY05ZukFkf9XpqInomQAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782900067056898 3506 (- - -)
Stopwatch2: 1782900067056898 3506; combined=1734, p1=344, p2=1215, p3=0, p4=0, p5=114, sr=79, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5c698129-Z--
--68122823-A--
[01/Jul/2026:10:02:22.694739 +0000] akTlrh9eA2Q92AizAor2zQAAAEE 2.50.175.79 40434 172.26.37.160 7081
--68122823-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--68122823-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--68122823-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTlrh9eA2Q92AizAor2zQAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782900142691271 3528 (- - -)
Stopwatch2: 1782900142691271 3528; combined=1647, p1=332, p2=1129, p3=0, p4=0, p5=123, sr=73, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--68122823-Z--
--fa864478-A--
[01/Jul/2026:10:03:06.098986 +0000] akTl2tXDG6AyyG2HW2QMlwAAANU 2.50.175.79 53320 172.26.37.160 7081
--fa864478-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--fa864478-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fa864478-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTl2tXDG6AyyG2HW2QMlwAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782900186095538 3512 (- - -)
Stopwatch2: 1782900186095538 3512; combined=1559, p1=317, p2=1035, p3=0, p4=0, p5=136, sr=76, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fa864478-Z--
--4d3fdf17-A--
[01/Jul/2026:10:04:11.148045 +0000] akTmGx9eA2Q92AizAor21wAAAEA 2.50.175.79 41930 172.26.37.160 7081
--4d3fdf17-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--4d3fdf17-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4d3fdf17-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTmGx9eA2Q92AizAor21wAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782900251143036 8870 (- - -)
Stopwatch2: 1782900251143036 8870; combined=2178, p1=316, p2=1668, p3=0, p4=0, p5=128, sr=74, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4d3fdf17-Z--
--db506c1b-A--
[01/Jul/2026:10:04:22.017664 +0000] akTmJtXDG6AyyG2HW2QMoAAAAMA 2.50.175.79 57922 172.26.37.160 7081
--db506c1b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--db506c1b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--db506c1b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTmJtXDG6AyyG2HW2QMoAAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782900262015020 2733 (- - -)
Stopwatch2: 1782900262015020 2733; combined=1483, p1=326, p2=989, p3=0, p4=0, p5=110, sr=84, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--db506c1b-Z--
--9dd8bb41-A--
[01/Jul/2026:10:05:16.151153 +0000] akTmXE5ZukFkf9XpqIno1wAAAIk 2.50.175.79 59610 172.26.37.160 7081
--9dd8bb41-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9dd8bb41-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9dd8bb41-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTmXE5ZukFkf9XpqIno1wAAAIk"]
Action: Intercepted (phase 2)
Stopwatch: 1782900316147383 3954 (- - -)
Stopwatch2: 1782900316147383 3954; combined=2537, p1=1079, p2=1280, p3=0, p4=0, p5=115, sr=82, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9dd8bb41-Z--
--7be9c527-A--
[01/Jul/2026:10:05:21.034196 +0000] akTmYdXDG6AyyG2HW2QMpgAAAME 5.206.227.80 45996 172.26.37.160 7080
--7be9c527-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 5.206.227.80
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--7be9c527-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--7be9c527-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akTmYdXDG6AyyG2HW2QMpgAAAME"]
Action: Intercepted (phase 1)
Stopwatch: 1782900321031935 2311 (- - -)
Stopwatch2: 1782900321031935 2311; combined=254, p1=204, p2=0, p3=0, p4=0, p5=50, sr=93, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7be9c527-Z--
--b4229414-A--
[01/Jul/2026:10:05:21.899364 +0000] akTmYU5ZukFkf9XpqIno2AAAAJU 5.206.227.80 59618 172.26.37.160 7081
--b4229414-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 5.206.227.80
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--b4229414-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--b4229414-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akTmYU5ZukFkf9XpqIno2AAAAJU"]
Action: Intercepted (phase 1)
Stopwatch: 1782900321898850 552 (- - -)
Stopwatch2: 1782900321898850 552; combined=269, p1=213, p2=0, p3=0, p4=0, p5=55, sr=101, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b4229414-Z--
--f961ad29-A--
[01/Jul/2026:10:06:21.018851 +0000] akTmnR9eA2Q92AizAor24wAAAFQ 2.50.175.79 51128 172.26.37.160 7081
--f961ad29-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f961ad29-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f961ad29-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTmnR9eA2Q92AizAor24wAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782900381015543 3394 (- - -)
Stopwatch2: 1782900381015543 3394; combined=1939, p1=364, p2=1407, p3=0, p4=0, p5=111, sr=86, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f961ad29-Z--
--fcf46278-A--
[01/Jul/2026:10:07:03.923612 +0000] akTmx9XDG6AyyG2HW2QMzgAAAMA 2.50.175.79 38346 172.26.37.160 7081
--fcf46278-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--fcf46278-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fcf46278-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTmx9XDG6AyyG2HW2QMzgAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782900423920386 3281 (- - -)
Stopwatch2: 1782900423920386 3281; combined=1539, p1=326, p2=1037, p3=0, p4=0, p5=113, sr=86, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fcf46278-Z--
--2eb23c3a-A--
[01/Jul/2026:10:08:08.189184 +0000] akTnCNXDG6AyyG2HW2QNRwAAAMg 2.50.175.79 55816 172.26.37.160 7081
--2eb23c3a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--2eb23c3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2eb23c3a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTnCNXDG6AyyG2HW2QNRwAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782900488185018 4223 (- - -)
Stopwatch2: 1782900488185018 4223; combined=1572, p1=343, p2=989, p3=0, p4=0, p5=168, sr=78, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2eb23c3a-Z--
--8da02a3a-A--
[01/Jul/2026:10:08:29.805548 +0000] akTnHR9eA2Q92AizAor3owAAAEE 2.50.175.79 57370 172.26.37.160 7081
--8da02a3a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--8da02a3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8da02a3a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTnHR9eA2Q92AizAor3owAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782900509802656 2984 (- - -)
Stopwatch2: 1782900509802656 2984; combined=1496, p1=335, p2=1000, p3=0, p4=0, p5=107, sr=72, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8da02a3a-Z--
--68d32315-A--
[01/Jul/2026:10:09:24.083182 +0000] akTnVB9eA2Q92AizAor4WAAAAEg 2.50.175.79 36822 172.26.37.160 7081
--68d32315-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--68d32315-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--68d32315-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTnVB9eA2Q92AizAor4WAAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782900564080195 3042 (- - -)
Stopwatch2: 1782900564080195 3042; combined=1479, p1=310, p2=989, p3=0, p4=0, p5=117, sr=75, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--68d32315-Z--
--6fa5dd1d-A--
[01/Jul/2026:10:09:45.675842 +0000] akTnaR9eA2Q92AizAor4XQAAAE8 2.50.175.79 35246 172.26.37.160 7081
--6fa5dd1d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--6fa5dd1d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6fa5dd1d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTnaR9eA2Q92AizAor4XQAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782900585672803 3106 (- - -)
Stopwatch2: 1782900585672803 3106; combined=1549, p1=313, p2=1023, p3=0, p4=0, p5=132, sr=80, sw=81, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6fa5dd1d-Z--
--87313602-A--
[01/Jul/2026:10:12:27.899978 +0000] akToCx9eA2Q92AizAor5EgAAAFg 196.3.97.86 56752 172.26.37.160 7081
--87313602-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--87313602-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--87313602-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akToCx9eA2Q92AizAor5EgAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782900747896971 3065 (- - -)
Stopwatch2: 1782900747896971 3065; combined=1596, p1=344, p2=1071, p3=0, p4=0, p5=120, sr=77, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--87313602-Z--
--9c051b6e-A--
[01/Jul/2026:10:12:59.806455 +0000] akToKx9eA2Q92AizAor5KAAAAFQ 196.3.97.86 57978 172.26.37.160 7081
--9c051b6e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--9c051b6e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9c051b6e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akToKx9eA2Q92AizAor5KAAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782900779803586 2930 (- - -)
Stopwatch2: 1782900779803586 2930; combined=1526, p1=314, p2=1024, p3=0, p4=0, p5=125, sr=73, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9c051b6e-Z--
--1a9fb412-A--
[01/Jul/2026:10:13:35.335823 +0000] akToTx9eA2Q92AizAor5OAAAAEo 196.3.97.86 43774 172.26.37.160 7081
--1a9fb412-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--1a9fb412-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1a9fb412-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akToTx9eA2Q92AizAor5OAAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782900815330922 4975 (- - -)
Stopwatch2: 1782900815330922 4975; combined=1535, p1=380, p2=933, p3=0, p4=0, p5=150, sr=85, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a9fb412-Z--
--63ae975b-A--
[01/Jul/2026:10:14:00.353874 +0000] akToaPa2KgOyAmlZY0usAQAAAAo 196.3.97.86 53448 172.26.37.160 7081
--63ae975b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--63ae975b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--63ae975b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akToaPa2KgOyAmlZY0usAQAAAAo"]
Action: Intercepted (phase 2)
Stopwatch: 1782900840350253 3706 (- - -)
Stopwatch2: 1782900840350253 3706; combined=2017, p1=321, p2=1458, p3=0, p4=0, p5=160, sr=73, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--63ae975b-Z--
--16961973-A--
[01/Jul/2026:10:15:26.084615 +0000] akTovh9eA2Q92AizAor5UAAAAEs 196.3.97.86 47212 172.26.37.160 7081
--16961973-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--16961973-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--16961973-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTovh9eA2Q92AizAor5UAAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782900926080910 3773 (- - -)
Stopwatch2: 1782900926080910 3773; combined=2480, p1=926, p2=1379, p3=0, p4=0, p5=114, sr=86, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--16961973-Z--
--85dd0c6c-A--
[01/Jul/2026:10:15:57.730942 +0000] akTo3dXDG6AyyG2HW2QPJgAAAMc 196.3.97.86 46028 172.26.37.160 7081
--85dd0c6c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--85dd0c6c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--85dd0c6c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTo3dXDG6AyyG2HW2QPJgAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782900957725600 5417 (- - -)
Stopwatch2: 1782900957725600 5417; combined=3894, p1=542, p2=3171, p3=0, p4=0, p5=115, sr=76, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--85dd0c6c-Z--
--dfc9121f-A--
[01/Jul/2026:10:16:06.475614 +0000] akTo5va2KgOyAmlZY0usGgAAAAQ 172.70.135.5 45410 172.26.37.160 7081
--dfc9121f-B--
GET /products/1994828028319?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.135.5
X-Forwarded-For: 2a03:2880:f800:2f::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a144a73c7c86f27c-IAD
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f800:2f::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--dfc9121f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dfc9121f-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/products/1994828028319"] [unique_id "akTo5va2KgOyAmlZY0usGgAAAAQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782900966472989 2719 (- - -)
Stopwatch2: 1782900966472989 2719; combined=1033, p1=975, p2=0, p3=0, p4=0, p5=57, sr=64, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dfc9121f-Z--
--b3b43813-A--
[01/Jul/2026:10:17:01.082583 +0000] akTpHR9eA2Q92AizAor5dwAAAFY 196.3.97.86 44568 172.26.37.160 7081
--b3b43813-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--b3b43813-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b3b43813-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTpHR9eA2Q92AizAor5dwAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782901021078985 3656 (- - -)
Stopwatch2: 1782901021078985 3656; combined=2030, p1=374, p2=1453, p3=0, p4=0, p5=133, sr=78, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b3b43813-Z--
--704df455-A--
[01/Jul/2026:10:17:22.231223 +0000] akTpMva2KgOyAmlZY0usLQAAAAk 196.3.97.86 52084 172.26.37.160 7081
--704df455-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--704df455-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--704df455-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTpMva2KgOyAmlZY0usLQAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782901042228019 3277 (- - -)
Stopwatch2: 1782901042228019 3277; combined=1461, p1=322, p2=957, p3=0, p4=0, p5=121, sr=83, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--704df455-Z--
--d220d654-A--
[01/Jul/2026:10:18:25.588114 +0000] akTpcR9eA2Q92AizAor5jgAAAE8 196.3.97.86 43164 172.26.37.160 7081
--d220d654-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--d220d654-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d220d654-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTpcR9eA2Q92AizAor5jgAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782901105585003 3177 (- - -)
Stopwatch2: 1782901105585003 3177; combined=1857, p1=658, p2=1035, p3=0, p4=0, p5=108, sr=370, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d220d654-Z--
--374a7a6b-A--
[01/Jul/2026:10:19:08.058499 +0000] akTpnPa2KgOyAmlZY0usQAAAABI 196.3.97.86 33358 172.26.37.160 7081
--374a7a6b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--374a7a6b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--374a7a6b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTpnPa2KgOyAmlZY0usQAAAABI"]
Action: Intercepted (phase 2)
Stopwatch: 1782901148054811 4226 (- - -)
Stopwatch2: 1782901148054811 4226; combined=1548, p1=392, p2=982, p3=0, p4=0, p5=112, sr=84, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--374a7a6b-Z--
--9c8fcf4c-A--
[01/Jul/2026:10:19:25.799209 +0000] akTprR9eA2Q92AizAor5ngAAAEU 105.232.129.29 60346 172.26.37.160 7081
--9c8fcf4c-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 105.232.129.29
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-NA
User-Agent: WordPress.com; https://wordpress.com
--9c8fcf4c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9c8fcf4c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.129.29 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.129.29 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTprR9eA2Q92AizAor5ngAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782901165795142 4290 (- - -)
Stopwatch2: 1782901165795142 4290; combined=2721, p1=1150, p2=1336, p3=0, p4=0, p5=149, sr=75, sw=86, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9c8fcf4c-Z--
--12cdb23d-A--
[01/Jul/2026:10:20:21.833706 +0000] akTp5fa2KgOyAmlZY0usTAAAABc 196.3.97.86 59128 172.26.37.160 7081
--12cdb23d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--12cdb23d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--12cdb23d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTp5fa2KgOyAmlZY0usTAAAABc"]
Action: Intercepted (phase 2)
Stopwatch: 1782901221830718 3084 (- - -)
Stopwatch2: 1782901221830718 3084; combined=1782, p1=607, p2=998, p3=0, p4=0, p5=116, sr=96, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--12cdb23d-Z--
--36d7c647-A--
[01/Jul/2026:10:20:43.085402 +0000] akTp@x9eA2Q92AizAor5qwAAAFI 196.3.97.86 45226 172.26.37.160 7081
--36d7c647-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--36d7c647-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--36d7c647-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTp@x9eA2Q92AizAor5qwAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782901243081666 3800 (- - -)
Stopwatch2: 1782901243081666 3800; combined=2427, p1=319, p2=1908, p3=0, p4=0, p5=136, sr=73, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--36d7c647-Z--
--37c89d4c-A--
[01/Jul/2026:10:20:53.778465 +0000] akTqBR9eA2Q92AizAor5rQAAAEw 105.232.129.29 57854 172.26.37.160 7081
--37c89d4c-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 105.232.129.29
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-NA
User-Agent: WordPress.com; https://wordpress.com
--37c89d4c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--37c89d4c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.129.29 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.129.29 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTqBR9eA2Q92AizAor5rQAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782901253775802 2719 (- - -)
Stopwatch2: 1782901253775802 2719; combined=1497, p1=348, p2=984, p3=0, p4=0, p5=108, sr=82, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--37c89d4c-Z--
--9a728b12-A--
[01/Jul/2026:10:21:46.623505 +0000] akTqOh9eA2Q92AizAor6OAAAAFc 196.3.97.86 57340 172.26.37.160 7081
--9a728b12-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--9a728b12-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9a728b12-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTqOh9eA2Q92AizAor6OAAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782901306612706 10882 (- - -)
Stopwatch2: 1782901306612706 10882; combined=2714, p1=428, p2=1215, p3=0, p4=0, p5=576, sr=128, sw=495, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9a728b12-Z--
--f626045f-A--
[01/Jul/2026:10:21:48.641401 +0000] akTqOx9eA2Q92AizAor6QQAAAFA 105.232.129.29 57608 172.26.37.160 7081
--f626045f-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 105.232.129.29
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-NA
User-Agent: Jetpack by WordPress.com
--f626045f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f626045f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.129.29 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.129.29 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTqOx9eA2Q92AizAor6QQAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782901307295435 1347618 (- - -)
Stopwatch2: 1782901307295435 1347618; combined=2672821, p1=985, p2=980, p3=0, p4=0, p5=1335454, sr=69, sw=1335402, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f626045f-Z--
--0f0b493f-A--
[01/Jul/2026:10:21:49.600608 +0000] akTqO-a2KgOyAmlZY0us8QAAAAc 36.213.51.50 57592 172.26.37.160 7081
--0f0b493f-B--
GET /services/ HTTP/1.1
Host: avmhk.com
X-Real-IP: 36.213.51.50
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36
Accept-Encoding: gzip
--0f0b493f-F--
HTTP/1.1 200 OK
Vary: User-Agent,Accept-Encoding
Last-Modified: Tue, 16 Sep 2025 08:38:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Mon, 29 Oct 1923 20:30:00 GMT
Content-Length: 12183
Content-Type: text/html; charset=UTF-8
--0f0b493f-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "51.79.124.60_0ee6da41ec05a537578512680117eb768569b88f"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "51.79.124.60_0ee6da41ec05a537578512680117eb768569b88f"): Internal error (specific information not available) [hostname "avmhk.com"] [uri "/wp-content/cache/all/services/index.html"] [unique_id "akTqO-a2KgOyAmlZY0us8QAAAAc"]
Stopwatch: 1782901307254409 2346259 (- - -)
Stopwatch2: 1782901307254409 2346259; combined=4683464, p1=334, p2=2201, p3=0, p4=0, p5=2340491, sr=81, sw=1, l=0, gc=2340437
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0f0b493f-Z--
--1d66ba25-A--
[01/Jul/2026:10:23:00.796552 +0000] akTqhB9eA2Q92AizAor6ZwAAAFI 196.3.97.86 52556 172.26.37.160 7081
--1d66ba25-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--1d66ba25-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1d66ba25-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTqhB9eA2Q92AizAor6ZwAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782901380793084 3526 (- - -)
Stopwatch2: 1782901380793084 3526; combined=1530, p1=330, p2=1009, p3=0, p4=0, p5=128, sr=83, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1d66ba25-Z--
--ed59c673-A--
[01/Jul/2026:10:23:43.228078 +0000] akTqr-a2KgOyAmlZY0utFQAAABQ 196.3.97.86 40382 172.26.37.160 7081
--ed59c673-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--ed59c673-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ed59c673-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTqr-a2KgOyAmlZY0utFQAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782901423224341 3796 (- - -)
Stopwatch2: 1782901423224341 3796; combined=2756, p1=333, p2=1413, p3=0, p4=0, p5=534, sr=82, sw=476, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ed59c673-Z--
--5431320d-A--
[01/Jul/2026:10:24:04.261095 +0000] akTqxPa2KgOyAmlZY0utGwAAAAY 196.3.97.86 54782 172.26.37.160 7081
--5431320d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--5431320d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5431320d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTqxPa2KgOyAmlZY0utGwAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782901444258231 2926 (- - -)
Stopwatch2: 1782901444258231 2926; combined=1517, p1=346, p2=944, p3=0, p4=0, p5=165, sr=87, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5431320d-Z--
--71fd1362-A--
[01/Jul/2026:10:24:34.132511 +0000] akTq4h9eA2Q92AizAor6gQAAAEY 105.155.153.59 57120 172.26.37.160 7081
--71fd1362-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--71fd1362-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--71fd1362-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTq4h9eA2Q92AizAor6gQAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782901474128920 3654 (- - -)
Stopwatch2: 1782901474128920 3654; combined=2357, p1=381, p2=1780, p3=0, p4=0, p5=131, sr=89, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--71fd1362-Z--
--97701957-A--
[01/Jul/2026:10:24:46.541229 +0000] akTq7h9eA2Q92AizAor6iAAAAEE 196.3.97.86 51776 172.26.37.160 7081
--97701957-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--97701957-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--97701957-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTq7h9eA2Q92AizAor6iAAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782901486537562 3736 (- - -)
Stopwatch2: 1782901486537562 3736; combined=2334, p1=345, p2=1786, p3=0, p4=0, p5=139, sr=81, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--97701957-Z--
--5346b129-A--
[01/Jul/2026:10:25:07.576828 +0000] akTrA9XDG6AyyG2HW2QQSAAAAMw 196.3.97.86 56682 172.26.37.160 7081
--5346b129-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--5346b129-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5346b129-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTrA9XDG6AyyG2HW2QQSAAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782901507571244 6740 (- - -)
Stopwatch2: 1782901507571244 6740; combined=1992, p1=342, p2=1423, p3=0, p4=0, p5=157, sr=73, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5346b129-Z--
--03142f04-A--
[01/Jul/2026:10:25:37.104042 +0000] akTrIR9eA2Q92AizAor6mgAAAFY 105.155.153.59 42050 172.26.37.160 7081
--03142f04-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--03142f04-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--03142f04-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTrIR9eA2Q92AizAor6mgAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782901537100925 3201 (- - -)
Stopwatch2: 1782901537100925 3201; combined=1527, p1=343, p2=1007, p3=0, p4=0, p5=117, sr=89, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--03142f04-Z--
--07e9970f-A--
[01/Jul/2026:10:25:45.847516 +0000] akTrKdXDG6AyyG2HW2QQSwAAAM4 105.232.128.248 47318 172.26.37.160 7081
--07e9970f-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 105.232.128.248
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-NA
User-Agent: Jetpack by WordPress.com
--07e9970f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--07e9970f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.128.248 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.128.248 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTrKdXDG6AyyG2HW2QQSwAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782901545844020 3580 (- - -)
Stopwatch2: 1782901545844020 3580; combined=2293, p1=316, p2=1797, p3=0, p4=0, p5=121, sr=73, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--07e9970f-Z--
--73a37854-A--
[01/Jul/2026:10:26:10.972778 +0000] akTrQtXDG6AyyG2HW2QQUAAAAMk 91.92.42.182 37668 172.26.37.160 7081
--73a37854-B--
GET /web.config HTTP/1.1
Host: eonhk.com
X-Real-IP: 91.92.42.182
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
referer: http://eonhk.com/web.config
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--73a37854-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--73a37854-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/web.config"] [unique_id "akTrQtXDG6AyyG2HW2QQUAAAAMk"]
Action: Intercepted (phase 1)
Stopwatch: 1782901570972263 576 (- - -)
Stopwatch2: 1782901570972263 576; combined=216, p1=168, p2=0, p3=0, p4=0, p5=48, sr=61, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--73a37854-Z--
--7d32ca67-A--
[01/Jul/2026:10:26:11.146026 +0000] akTrQ9XDG6AyyG2HW2QQWAAAANM 91.92.42.182 37746 172.26.37.160 7081
--7d32ca67-B--
GET /composer.json HTTP/1.1
Host: eonhk.com
X-Real-IP: 91.92.42.182
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
referer: http://eonhk.com/composer.json
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--7d32ca67-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7d32ca67-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/composer.json"] [unique_id "akTrQ9XDG6AyyG2HW2QQWAAAANM"]
Action: Intercepted (phase 1)
Stopwatch: 1782901571145547 1000 (- - -)
Stopwatch2: 1782901571145547 1000; combined=199, p1=152, p2=0, p3=0, p4=0, p5=47, sr=55, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7d32ca67-Z--
--aadf6b71-A--
[01/Jul/2026:10:26:11.154808 +0000] akTrQx9eA2Q92AizAor6oAAAAEA 91.92.42.182 37778 172.26.37.160 7081
--aadf6b71-B--
GET /.env.bak HTTP/1.1
Host: eonhk.com
X-Real-IP: 91.92.42.182
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
referer: http://eonhk.com/.env.bak
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--aadf6b71-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--aadf6b71-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.env.bak"] [unique_id "akTrQx9eA2Q92AizAor6oAAAAEA"]
Action: Intercepted (phase 1)
Stopwatch: 1782901571154205 664 (- - -)
Stopwatch2: 1782901571154205 664; combined=202, p1=146, p2=0, p3=0, p4=0, p5=55, sr=56, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aadf6b71-Z--
--19e4dd72-A--
[01/Jul/2026:10:26:50.647110 +0000] akTratXDG6AyyG2HW2QQXAAAANc 105.155.153.59 50756 172.26.37.160 7081
--19e4dd72-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--19e4dd72-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--19e4dd72-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTratXDG6AyyG2HW2QQXAAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782901610643089 4119 (- - -)
Stopwatch2: 1782901610643089 4119; combined=1606, p1=320, p2=1032, p3=0, p4=0, p5=179, sr=76, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--19e4dd72-Z--
--98cdd92a-A--
[01/Jul/2026:10:27:53.656070 +0000] akTrqfa2KgOyAmlZY0utTAAAABA 105.155.153.59 48138 172.26.37.160 7081
--98cdd92a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--98cdd92a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--98cdd92a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTrqfa2KgOyAmlZY0utTAAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782901673652182 3965 (- - -)
Stopwatch2: 1782901673652182 3965; combined=2110, p1=325, p2=1351, p3=0, p4=0, p5=367, sr=74, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--98cdd92a-Z--
--afebfc26-A--
[01/Jul/2026:10:28:56.715789 +0000] akTr6Pa2KgOyAmlZY0utYgAAABg 105.155.153.59 58470 172.26.37.160 7081
--afebfc26-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--afebfc26-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--afebfc26-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTr6Pa2KgOyAmlZY0utYgAAABg"]
Action: Intercepted (phase 2)
Stopwatch: 1782901736710505 5339 (- - -)
Stopwatch2: 1782901736710505 5339; combined=3219, p1=1131, p2=1839, p3=0, p4=0, p5=162, sr=769, sw=87, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--afebfc26-Z--
--81eed428-A--
[01/Jul/2026:10:29:07.197340 +0000] akTr8-a2KgOyAmlZY0utZAAAAAM 105.155.153.59 58242 172.26.37.160 7081
--81eed428-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 700
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--81eed428-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--81eed428-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTr8-a2KgOyAmlZY0utZAAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782901747191812 5589 (- - -)
Stopwatch2: 1782901747191812 5589; combined=6873, p1=344, p2=983, p3=0, p4=0, p5=2804, sr=79, sw=2742, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--81eed428-Z--
--87c1b364-A--
[01/Jul/2026:10:30:00.859307 +0000] akTsKB9eA2Q92AizAor60wAAAEY 91.92.42.182 57982 172.26.37.160 7081
--87c1b364-B--
GET /config/parameters.yml HTTP/1.1
Host: eonhk.com
X-Real-IP: 91.92.42.182
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
referer: http://eonhk.com/config/parameters.yml
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--87c1b364-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--87c1b364-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/config/parameters.yml"] [unique_id "akTsKB9eA2Q92AizAor60wAAAEY"]
Action: Intercepted (phase 1)
Stopwatch: 1782901800857808 1582 (- - -)
Stopwatch2: 1782901800857808 1582; combined=270, p1=171, p2=0, p3=0, p4=0, p5=98, sr=61, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--87c1b364-Z--
--aa03345c-A--
[01/Jul/2026:10:30:00.880714 +0000] akTsKB9eA2Q92AizAor61AAAAEQ 91.92.42.182 57984 172.26.37.160 7081
--aa03345c-B--
GET /app/config/parameters.yml HTTP/1.1
Host: eonhk.com
X-Real-IP: 91.92.42.182
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0
referer: http://eonhk.com/app/config/parameters.yml
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--aa03345c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--aa03345c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/app/config/parameters.yml"] [unique_id "akTsKB9eA2Q92AizAor61AAAAEQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782901800879384 1390 (- - -)
Stopwatch2: 1782901800879384 1390; combined=291, p1=234, p2=0, p3=0, p4=0, p5=57, sr=66, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aa03345c-Z--
--3939ce3b-A--
[01/Jul/2026:10:30:00.949092 +0000] akTsKNXDG6AyyG2HW2QQcQAAAMo 91.92.42.182 58044 172.26.37.160 7081
--3939ce3b-B--
GET /.env.js HTTP/1.1
Host: eonhk.com
X-Real-IP: 91.92.42.182
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0
referer: http://eonhk.com/.env.js
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--3939ce3b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3939ce3b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.env.js"] [unique_id "akTsKNXDG6AyyG2HW2QQcQAAAMo"]
Action: Intercepted (phase 1)
Stopwatch: 1782901800948559 592 (- - -)
Stopwatch2: 1782901800948559 592; combined=231, p1=181, p2=0, p3=0, p4=0, p5=50, sr=62, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3939ce3b-Z--
--0572be20-A--
[01/Jul/2026:10:30:00.984553 +0000] akTsKPa2KgOyAmlZY0utdQAAAAU 91.92.42.182 58062 172.26.37.160 7081
--0572be20-B--
GET /.env-config.js HTTP/1.1
Host: eonhk.com
X-Real-IP: 91.92.42.182
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
referer: http://eonhk.com/.env-config.js
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
upgrade-insecure-requests: 1
cache-control: no-cache
accept-encoding: gzip, br, deflate
--0572be20-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0572be20-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.env-config.js"] [unique_id "akTsKPa2KgOyAmlZY0utdQAAAAU"]
Action: Intercepted (phase 1)
Stopwatch: 1782901800984115 499 (- - -)
Stopwatch2: 1782901800984115 499; combined=181, p1=135, p2=0, p3=0, p4=0, p5=46, sr=55, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0572be20-Z--
--d5cb486a-A--
[01/Jul/2026:10:30:10.178912 +0000] akTsMh9eA2Q92AizAor64QAAAE0 105.155.153.59 40164 172.26.37.160 7081
--d5cb486a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d5cb486a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d5cb486a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTsMh9eA2Q92AizAor64QAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782901810175093 3909 (- - -)
Stopwatch2: 1782901810175093 3909; combined=2640, p1=336, p2=2128, p3=0, p4=0, p5=115, sr=87, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d5cb486a-Z--
--53c10e76-A--
[01/Jul/2026:10:30:20.705635 +0000] akTsPPa2KgOyAmlZY0utegAAAA8 105.155.153.59 45708 172.26.37.160 7081
--53c10e76-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--53c10e76-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--53c10e76-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTsPPa2KgOyAmlZY0utegAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782901820701656 6965 (- - -)
Stopwatch2: 1782901820701656 6965; combined=1913, p1=323, p2=1429, p3=0, p4=0, p5=106, sr=90, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--53c10e76-Z--
--b75ef65d-A--
[01/Jul/2026:10:31:23.810179 +0000] akTsex9eA2Q92AizAor68gAAAEE 105.155.153.59 35766 172.26.37.160 7081
--b75ef65d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b75ef65d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b75ef65d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTsex9eA2Q92AizAor68gAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782901883805822 4413 (- - -)
Stopwatch2: 1782901883805822 4413; combined=3043, p1=327, p2=2524, p3=0, p4=0, p5=126, sr=83, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b75ef65d-Z--
--001ebc6a-A--
[01/Jul/2026:10:31:34.516834 +0000] akTshh9eA2Q92AizAor69wAAAFg 172.70.42.32 48238 172.26.37.160 7081
--001ebc6a-B--
GET //wp-json/wp/v2/users/ HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.70.42.32
X-Forwarded-For: 136.107.0.186
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, br
cf-ray: a144bde66b5b062b-IAD
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 136.107.0.186
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--001ebc6a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--001ebc6a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||immunehk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||immunehk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "immunehk.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akTshh9eA2Q92AizAor69wAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782901894514847 2057 (- - -)
Stopwatch2: 1782901894514847 2057; combined=947, p1=369, p2=515, p3=0, p4=0, p5=63, sr=122, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--001ebc6a-Z--
--bcf5963c-A--
[01/Jul/2026:10:32:05.898178 +0000] akTspR9eA2Q92AizAor6-AAAAEs 105.155.153.59 48460 172.26.37.160 7081
--bcf5963c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--bcf5963c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bcf5963c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTspR9eA2Q92AizAor6-AAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782901925895344 3357 (- - -)
Stopwatch2: 1782901925895344 3357; combined=1495, p1=338, p2=988, p3=0, p4=0, p5=109, sr=78, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bcf5963c-Z--
--af037435-A--
[01/Jul/2026:10:32:27.082081 +0000] akTsux9eA2Q92AizAor6-wAAAEI 105.232.128.244 51422 172.26.37.160 7081
--af037435-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 105.232.128.244
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-NA
User-Agent: WordPress.com; https://wordpress.com
--af037435-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--af037435-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.128.244 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.128.244 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTsux9eA2Q92AizAor6-wAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782901947077507 8742 (- - -)
Stopwatch2: 1782901947077507 8742; combined=2455, p1=304, p2=1918, p3=0, p4=0, p5=144, sr=65, sw=89, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--af037435-Z--
--5e17c638-A--
[01/Jul/2026:10:32:37.602835 +0000] akTsxfa2KgOyAmlZY0utjwAAAAk 105.155.153.59 44186 172.26.37.160 7081
--5e17c638-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5e17c638-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5e17c638-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTsxfa2KgOyAmlZY0utjwAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782901957598701 4192 (- - -)
Stopwatch2: 1782901957598701 4192; combined=1987, p1=369, p2=1411, p3=0, p4=0, p5=139, sr=81, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5e17c638-Z--
--989cd518-A--
[01/Jul/2026:10:34:22.748621 +0000] akTtLva2KgOyAmlZY0utoQAAABU 105.155.153.59 60086 172.26.37.160 7081
--989cd518-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--989cd518-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--989cd518-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTtLva2KgOyAmlZY0utoQAAABU"]
Action: Intercepted (phase 2)
Stopwatch: 1782902062744803 3878 (- - -)
Stopwatch2: 1782902062744803 3878; combined=2615, p1=362, p2=2084, p3=0, p4=0, p5=110, sr=78, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--989cd518-Z--
--4bd5975f-A--
[01/Jul/2026:10:34:54.242119 +0000] akTtTh9eA2Q92AizAor7GgAAAFc 105.155.153.59 52694 172.26.37.160 7081
--4bd5975f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--4bd5975f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4bd5975f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTtTh9eA2Q92AizAor7GgAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782902094239547 2626 (- - -)
Stopwatch2: 1782902094239547 2626; combined=1480, p1=331, p2=981, p3=0, p4=0, p5=111, sr=87, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4bd5975f-Z--
--732cc60a-A--
[01/Jul/2026:10:35:20.528420 +0000] akTtaNXDG6AyyG2HW2QQnQAAANE 5.206.227.80 37382 172.26.37.160 7080
--732cc60a-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 5.206.227.80
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--732cc60a-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--732cc60a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akTtaNXDG6AyyG2HW2QQnQAAANE"]
Action: Intercepted (phase 1)
Stopwatch: 1782902120527240 2053 (- - -)
Stopwatch2: 1782902120527240 2053; combined=254, p1=202, p2=0, p3=0, p4=0, p5=51, sr=90, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--732cc60a-Z--
--3c292263-A--
[01/Jul/2026:10:35:21.421933 +0000] akTtadXDG6AyyG2HW2QQnwAAANc 5.206.227.80 37600 172.26.37.160 7081
--3c292263-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 5.206.227.80
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--3c292263-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--3c292263-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akTtadXDG6AyyG2HW2QQnwAAANc"]
Action: Intercepted (phase 1)
Stopwatch: 1782902121421465 507 (- - -)
Stopwatch2: 1782902121421465 507; combined=245, p1=196, p2=0, p3=0, p4=0, p5=49, sr=78, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3c292263-Z--
--ce94ae73-A--
[01/Jul/2026:10:36:07.770885 +0000] akTtlx9eA2Q92AizAor7MQAAAEY 105.155.153.59 37376 172.26.37.160 7081
--ce94ae73-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--ce94ae73-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ce94ae73-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTtlx9eA2Q92AizAor7MQAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782902167766724 4255 (- - -)
Stopwatch2: 1782902167766724 4255; combined=2103, p1=374, p2=1504, p3=0, p4=0, p5=147, sr=83, sw=78, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ce94ae73-Z--
--6bb40630-A--
[01/Jul/2026:10:36:18.236648 +0000] akTtoh9eA2Q92AizAor7OAAAAE4 105.155.153.59 47866 172.26.37.160 7081
--6bb40630-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 701
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--6bb40630-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6bb40630-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTtoh9eA2Q92AizAor7OAAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782902178232920 3790 (- - -)
Stopwatch2: 1782902178232920 3790; combined=1959, p1=334, p2=1418, p3=0, p4=0, p5=139, sr=68, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6bb40630-Z--
--5101910f-A--
[01/Jul/2026:10:36:50.346239 +0000] akTtwva2KgOyAmlZY0utvgAAABU 213.189.223.217 33266 172.26.37.160 7081
--5101910f-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 213.189.223.217
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46QWRtaW4xMjNAQA==
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--5101910f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5101910f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTtwva2KgOyAmlZY0utvgAAABU"]
Action: Intercepted (phase 2)
Stopwatch: 1782902210343129 3168 (- - -)
Stopwatch2: 1782902210343129 3168; combined=1702, p1=302, p2=1345, p3=0, p4=0, p5=54, sr=74, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5101910f-Z--
--955c926e-A--
[01/Jul/2026:10:36:59.329083 +0000] akTtyx9eA2Q92AizAor7SgAAAEo 52.232.35.131 38590 172.26.37.160 7081
--955c926e-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: contintechind.com
X-Real-IP: 52.232.35.131
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic dmluY2ktYWRtaW46VmluY2ktYWRtaW4xMjNAQA==
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15
--955c926e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--955c926e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTtyx9eA2Q92AizAor7SgAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782902219324545 4595 (- - -)
Stopwatch2: 1782902219324545 4595; combined=1742, p1=320, p2=1363, p3=0, p4=0, p5=58, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--955c926e-Z--
--95c3d808-A--
[01/Jul/2026:10:37:37.940625 +0000] akTt8fa2KgOyAmlZY0utxAAAABA 106.51.83.25 37496 172.26.37.160 7081
--95c3d808-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--95c3d808-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--95c3d808-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTt8fa2KgOyAmlZY0utxAAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782902257936538 4143 (- - -)
Stopwatch2: 1782902257936538 4143; combined=1532, p1=330, p2=1006, p3=0, p4=0, p5=132, sr=76, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--95c3d808-Z--
--8d360439-A--
[01/Jul/2026:10:37:42.277352 +0000] akTt9va2KgOyAmlZY0utxgAAABQ 105.155.153.59 37526 172.26.37.160 7081
--8d360439-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--8d360439-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8d360439-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTt9va2KgOyAmlZY0utxgAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782902262272668 5036 (- - -)
Stopwatch2: 1782902262272668 5036; combined=2609, p1=443, p2=1960, p3=0, p4=0, p5=135, sr=174, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8d360439-Z--
--d846e025-A--
[01/Jul/2026:10:38:45.402652 +0000] akTuNdXDG6AyyG2HW2QQtwAAAM0 105.155.153.59 44846 172.26.37.160 7081
--d846e025-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d846e025-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d846e025-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTuNdXDG6AyyG2HW2QQtwAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782902325398040 4674 (- - -)
Stopwatch2: 1782902325398040 4674; combined=2299, p1=857, p2=1258, p3=0, p4=0, p5=122, sr=597, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d846e025-Z--
--8ac74d5e-A--
[01/Jul/2026:10:38:54.562120 +0000] akTuPtXDG6AyyG2HW2QQuAAAANA 106.51.83.25 54486 172.26.37.160 7081
--8ac74d5e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--8ac74d5e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8ac74d5e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTuPtXDG6AyyG2HW2QQuAAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782902334558767 3422 (- - -)
Stopwatch2: 1782902334558767 3422; combined=1594, p1=358, p2=1038, p3=0, p4=0, p5=130, sr=74, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8ac74d5e-Z--
--96a6ae15-A--
[01/Jul/2026:10:39:49.153882 +0000] akTudfa2KgOyAmlZY0ut-wAAAAY 106.51.83.25 54630 172.26.37.160 7081
--96a6ae15-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--96a6ae15-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--96a6ae15-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTudfa2KgOyAmlZY0ut-wAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782902389149958 3983 (- - -)
Stopwatch2: 1782902389149958 3983; combined=2750, p1=316, p2=2265, p3=0, p4=0, p5=110, sr=79, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--96a6ae15-Z--
--c916700b-A--
[01/Jul/2026:10:40:20.106506 +0000] akTulB9eA2Q92AizAor7uAAAAEk 105.155.153.59 39184 172.26.37.160 7081
--c916700b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--c916700b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c916700b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTulB9eA2Q92AizAor7uAAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782902420103028 3534 (- - -)
Stopwatch2: 1782902420103028 3534; combined=1829, p1=319, p2=1309, p3=0, p4=0, p5=127, sr=77, sw=74, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c916700b-Z--
--2eab1d4c-A--
[01/Jul/2026:10:40:41.073604 +0000] akTuqR9eA2Q92AizAor7xQAAAFc 105.155.153.59 41424 172.26.37.160 7081
--2eab1d4c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--2eab1d4c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2eab1d4c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTuqR9eA2Q92AizAor7xQAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782902441070026 3635 (- - -)
Stopwatch2: 1782902441070026 3635; combined=1821, p1=336, p2=1292, p3=0, p4=0, p5=127, sr=91, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2eab1d4c-Z--
--9760bc25-A--
[01/Jul/2026:10:41:16.680457 +0000] akTuzB9eA2Q92AizAor73gAAAEc 106.51.83.25 49372 172.26.37.160 7081
--9760bc25-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9760bc25-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9760bc25-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTuzB9eA2Q92AizAor73gAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782902476677523 3012 (- - -)
Stopwatch2: 1782902476677523 3012; combined=1475, p1=350, p2=955, p3=0, p4=0, p5=111, sr=86, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9760bc25-Z--
--f8e5d877-A--
[01/Jul/2026:10:41:30.845534 +0000] akTu2h9eA2Q92AizAor76AAAAFU 105.232.128.200 56366 172.26.37.160 7081
--f8e5d877-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 105.232.128.200
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-NA
User-Agent: WordPress.com; https://wordpress.com
--f8e5d877-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f8e5d877-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.128.200 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.232.128.200 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akTu2h9eA2Q92AizAor76AAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782902490842784 2805 (- - -)
Stopwatch2: 1782902490842784 2805; combined=1612, p1=405, p2=1044, p3=0, p4=0, p5=108, sr=119, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f8e5d877-Z--
--01989d14-A--
[01/Jul/2026:10:41:38.783293 +0000] akTu4h9eA2Q92AizAor77AAAAEY 106.51.83.25 43154 172.26.37.160 7081
--01989d14-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--01989d14-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--01989d14-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTu4h9eA2Q92AizAor77AAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782902498780449 2915 (- - -)
Stopwatch2: 1782902498780449 2915; combined=1466, p1=314, p2=965, p3=0, p4=0, p5=125, sr=73, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--01989d14-Z--
--9f6ff10f-A--
[01/Jul/2026:10:41:44.114159 +0000] akTu6B9eA2Q92AizAor77gAAAFE 105.155.153.59 41132 172.26.37.160 7081
--9f6ff10f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9f6ff10f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9f6ff10f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTu6B9eA2Q92AizAor77gAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782902504110996 3220 (- - -)
Stopwatch2: 1782902504110996 3220; combined=1552, p1=324, p2=1026, p3=0, p4=0, p5=133, sr=78, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9f6ff10f-Z--
--c275a770-A--
[01/Jul/2026:10:42:23.002272 +0000] akTvDva2KgOyAmlZY0uuQQAAAAY 106.51.83.25 56292 172.26.37.160 7081
--c275a770-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--c275a770-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c275a770-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvDva2KgOyAmlZY0uuQQAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782902542999241 3089 (- - -)
Stopwatch2: 1782902542999241 3089; combined=1504, p1=319, p2=994, p3=0, p4=0, p5=129, sr=78, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c275a770-Z--
--e13c4c12-A--
[01/Jul/2026:10:42:36.739926 +0000] akTvHB9eA2Q92AizAor8BwAAAFE 105.155.153.59 58990 172.26.37.160 7081
--e13c4c12-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--e13c4c12-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e13c4c12-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvHB9eA2Q92AizAor8BwAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782902556736997 2986 (- - -)
Stopwatch2: 1782902556736997 2986; combined=1635, p1=371, p2=1048, p3=0, p4=0, p5=143, sr=86, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e13c4c12-Z--
--9c431c3e-A--
[01/Jul/2026:10:42:47.201583 +0000] akTvJx9eA2Q92AizAor8CgAAAEg 105.155.153.59 50430 172.26.37.160 7081
--9c431c3e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9c431c3e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9c431c3e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvJx9eA2Q92AizAor8CgAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782902567198427 3211 (- - -)
Stopwatch2: 1782902567198427 3211; combined=1920, p1=332, p2=1416, p3=0, p4=0, p5=115, sr=80, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9c431c3e-Z--
--e5b6ae5d-A--
[01/Jul/2026:10:43:41.042055 +0000] akTvXdXDG6AyyG2HW2QQ8wAAANM 106.51.83.25 45164 172.26.37.160 7081
--e5b6ae5d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e5b6ae5d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e5b6ae5d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvXdXDG6AyyG2HW2QQ8wAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782902621038176 3958 (- - -)
Stopwatch2: 1782902621038176 3958; combined=1440, p1=308, p2=947, p3=0, p4=0, p5=122, sr=71, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e5b6ae5d-Z--
--871d8742-A--
[01/Jul/2026:10:43:50.179790 +0000] akTvZva2KgOyAmlZY0uuXAAAABg 105.155.153.59 43396 172.26.37.160 7081
--871d8742-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--871d8742-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--871d8742-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvZva2KgOyAmlZY0uuXAAAABg"]
Action: Intercepted (phase 2)
Stopwatch: 1782902630177087 2757 (- - -)
Stopwatch2: 1782902630177087 2757; combined=1439, p1=309, p2=964, p3=0, p4=0, p5=109, sr=71, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--871d8742-Z--
--ad34d415-A--
[01/Jul/2026:10:43:52.036314 +0000] akTvaPa2KgOyAmlZY0uuXwAAAAM 106.51.83.25 43448 172.26.37.160 7081
--ad34d415-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ad34d415-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ad34d415-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvaPa2KgOyAmlZY0uuXwAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782902632030774 6704 (- - -)
Stopwatch2: 1782902632030774 6704; combined=1538, p1=334, p2=994, p3=0, p4=0, p5=145, sr=94, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ad34d415-Z--
--6d0c7446-A--
[01/Jul/2026:10:44:53.225940 +0000] akTvpdXDG6AyyG2HW2QRVwAAANc 105.155.153.59 54222 172.26.37.160 7081
--6d0c7446-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)
--6d0c7446-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6d0c7446-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvpdXDG6AyyG2HW2QRVwAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782902693222390 3613 (- - -)
Stopwatch2: 1782902693222390 3613; combined=2285, p1=313, p2=1795, p3=0, p4=0, p5=117, sr=71, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6d0c7446-Z--
--7b5dce2b-A--
[01/Jul/2026:10:45:03.722654 +0000] akTvr-a2KgOyAmlZY0uuxgAAAAM 105.155.153.59 54096 172.26.37.160 7081
--7b5dce2b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7b5dce2b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7b5dce2b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvr-a2KgOyAmlZY0uuxgAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782902703719216 3519 (- - -)
Stopwatch2: 1782902703719216 3519; combined=1680, p1=452, p2=1035, p3=0, p4=0, p5=127, sr=82, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7b5dce2b-Z--
--0b76b163-A--
[01/Jul/2026:10:45:14.253433 +0000] akTvutXDG6AyyG2HW2QRXAAAAM0 105.155.153.59 55066 172.26.37.160 7081
--0b76b163-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 105.155.153.59
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0b76b163-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0b76b163-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.155.153.59 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvutXDG6AyyG2HW2QRXAAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782902714249912 3587 (- - -)
Stopwatch2: 1782902714249912 3587; combined=1524, p1=357, p2=985, p3=0, p4=0, p5=124, sr=86, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0b76b163-Z--
--b2f38f67-A--
[01/Jul/2026:10:45:20.809961 +0000] akTvwPa2KgOyAmlZY0uuyAAAABI 106.51.83.25 55104 172.26.37.160 7081
--b2f38f67-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b2f38f67-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b2f38f67-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTvwPa2KgOyAmlZY0uuyAAAABI"]
Action: Intercepted (phase 2)
Stopwatch: 1782902720806637 3380 (- - -)
Stopwatch2: 1782902720806637 3380; combined=1502, p1=360, p2=944, p3=0, p4=0, p5=134, sr=74, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b2f38f67-Z--
--f8c9aa62-A--
[01/Jul/2026:10:46:26.834037 +0000] akTwAh9eA2Q92AizAor8lAAAAE0 106.51.83.25 41316 172.26.37.160 7081
--f8c9aa62-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f8c9aa62-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f8c9aa62-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwAh9eA2Q92AizAor8lAAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782902786829860 4234 (- - -)
Stopwatch2: 1782902786829860 4234; combined=2703, p1=340, p2=2173, p3=0, p4=0, p5=123, sr=84, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f8c9aa62-Z--
--565d297a-A--
[01/Jul/2026:10:46:31.193230 +0000] akTwBx9eA2Q92AizAor8lQAAAFQ 196.3.97.86 41318 172.26.37.160 7081
--565d297a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--565d297a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--565d297a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwBx9eA2Q92AizAor8lQAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782902791189008 4547 (- - -)
Stopwatch2: 1782902791189008 4547; combined=2810, p1=358, p2=2228, p3=0, p4=0, p5=155, sr=87, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--565d297a-Z--
--dae49f62-A--
[01/Jul/2026:10:47:03.021033 +0000] akTwJx9eA2Q92AizAor8oAAAAFY 196.3.97.86 55028 172.26.37.160 7081
--dae49f62-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--dae49f62-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dae49f62-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwJx9eA2Q92AizAor8oAAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782902823017710 3381 (- - -)
Stopwatch2: 1782902823017710 3381; combined=1980, p1=772, p2=972, p3=0, p4=0, p5=153, sr=81, sw=83, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dae49f62-Z--
--1fbafd37-A--
[01/Jul/2026:10:47:33.053175 +0000] akTwRfa2KgOyAmlZY0uu7wAAABY 106.51.83.25 41498 172.26.37.160 7081
--1fbafd37-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1fbafd37-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1fbafd37-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwRfa2KgOyAmlZY0uu7wAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782902853048770 4479 (- - -)
Stopwatch2: 1782902853048770 4479; combined=2157, p1=931, p2=1026, p3=0, p4=0, p5=134, sr=83, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1fbafd37-Z--
--b8783a62-A--
[01/Jul/2026:10:47:44.042609 +0000] akTwUB9eA2Q92AizAor8qwAAAFI 106.51.83.25 49512 172.26.37.160 7081
--b8783a62-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b8783a62-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b8783a62-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwUB9eA2Q92AizAor8qwAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782902864039073 3621 (- - -)
Stopwatch2: 1782902864039073 3621; combined=2436, p1=325, p2=1928, p3=0, p4=0, p5=123, sr=89, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b8783a62-Z--
--3c25941a-A--
[01/Jul/2026:10:47:45.400785 +0000] akTwUfa2KgOyAmlZY0uu8gAAABM 196.3.97.86 55404 172.26.37.160 7081
--3c25941a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--3c25941a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3c25941a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwUfa2KgOyAmlZY0uu8gAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782902865397599 3246 (- - -)
Stopwatch2: 1782902865397599 3246; combined=1441, p1=313, p2=947, p3=0, p4=0, p5=120, sr=75, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3c25941a-Z--
--c4c42072-A--
[01/Jul/2026:10:48:27.679740 +0000] akTwe9XDG6AyyG2HW2QRcQAAANE 196.3.97.86 56104 172.26.37.160 7081
--c4c42072-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--c4c42072-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c4c42072-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwe9XDG6AyyG2HW2QRcQAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782902907675433 4382 (- - -)
Stopwatch2: 1782902907675433 4382; combined=1641, p1=318, p2=1153, p3=0, p4=0, p5=110, sr=74, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c4c42072-Z--
--31b0bb22-A--
[01/Jul/2026:10:49:22.588969 +0000] akTwsh9eA2Q92AizAor80gAAAFI 106.51.83.25 46020 172.26.37.160 7081
--31b0bb22-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--31b0bb22-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--31b0bb22-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwsh9eA2Q92AizAor80gAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782902962585636 3394 (- - -)
Stopwatch2: 1782902962585636 3394; combined=1995, p1=347, p2=1460, p3=0, p4=0, p5=126, sr=83, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--31b0bb22-Z--
--25885e5d-A--
[01/Jul/2026:10:49:26.977153 +0000] akTwth9eA2Q92AizAor80wAAAFU 103.166.182.186 35880 172.26.37.160 7081
--25885e5d-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 103.166.182.186
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW4xMjNAIw==
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--25885e5d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--25885e5d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTwth9eA2Q92AizAor80wAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782902966974336 2878 (- - -)
Stopwatch2: 1782902966974336 2878; combined=877, p1=314, p2=504, p3=0, p4=0, p5=58, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--25885e5d-Z--
--0d42210f-A--
[01/Jul/2026:10:49:44.449469 +0000] akTwyB9eA2Q92AizAor82wAAAE8 106.51.83.25 50774 172.26.37.160 7081
--0d42210f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0d42210f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0d42210f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTwyB9eA2Q92AizAor82wAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782902984445367 4176 (- - -)
Stopwatch2: 1782902984445367 4176; combined=2924, p1=329, p2=2412, p3=0, p4=0, p5=118, sr=81, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0d42210f-Z--
--11593101-A--
[01/Jul/2026:10:49:53.262837 +0000] akTw0R9eA2Q92AizAor83AAAAEU 196.3.97.86 50790 172.26.37.160 7081
--11593101-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--11593101-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--11593101-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTw0R9eA2Q92AizAor83AAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782902993259599 3298 (- - -)
Stopwatch2: 1782902993259599 3298; combined=1510, p1=317, p2=1009, p3=0, p4=0, p5=125, sr=82, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--11593101-Z--
--b2d2ae50-A--
[01/Jul/2026:10:50:24.931968 +0000] akTw8B9eA2Q92AizAor85wAAAE4 196.3.97.86 50226 172.26.37.160 7081
--b2d2ae50-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: Jetpack by WordPress.com
--b2d2ae50-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b2d2ae50-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTw8B9eA2Q92AizAor85wAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782903024926895 5137 (- - -)
Stopwatch2: 1782903024926895 5137; combined=3850, p1=1999, p2=1435, p3=0, p4=0, p5=349, sr=78, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b2d2ae50-Z--
--8b1d4d68-A--
[01/Jul/2026:10:50:39.173095 +0000] akTw--a2KgOyAmlZY0uvHwAAABI 106.51.83.25 55930 172.26.37.160 7081
--8b1d4d68-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--8b1d4d68-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8b1d4d68-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTw--a2KgOyAmlZY0uvHwAAABI"]
Action: Intercepted (phase 2)
Stopwatch: 1782903039168945 4215 (- - -)
Stopwatch2: 1782903039168945 4215; combined=1614, p1=355, p2=1040, p3=0, p4=0, p5=144, sr=81, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8b1d4d68-Z--
--ab81dc09-A--
[01/Jul/2026:10:51:11.833530 +0000] akTxHx9eA2Q92AizAor89AAAAE4 106.51.83.25 57950 172.26.37.160 7081
--ab81dc09-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--ab81dc09-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ab81dc09-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTxHx9eA2Q92AizAor89AAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782903071830490 3109 (- - -)
Stopwatch2: 1782903071830490 3109; combined=1640, p1=302, p2=1147, p3=0, p4=0, p5=119, sr=69, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ab81dc09-Z--
--fe8de26d-A--
[01/Jul/2026:10:51:17.813571 +0000] akTxJdXDG6AyyG2HW2QRhwAAANM 196.3.97.86 38690 172.26.37.160 7081
--fe8de26d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 196.3.97.86
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: pt-PT,pt;q=0.8,en-US;q=0.5,en;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--fe8de26d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fe8de26d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.3.97.86 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTxJdXDG6AyyG2HW2QRhwAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782903077810797 2872 (- - -)
Stopwatch2: 1782903077810797 2872; combined=1609, p1=379, p2=1004, p3=0, p4=0, p5=147, sr=99, sw=79, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fe8de26d-Z--
--e7f0fa24-A--
[01/Jul/2026:10:51:55.439578 +0000] akTxS-a2KgOyAmlZY0uvNQAAAA0 106.51.83.25 38344 172.26.37.160 7081
--e7f0fa24-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--e7f0fa24-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e7f0fa24-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTxS-a2KgOyAmlZY0uvNQAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782903115436135 3500 (- - -)
Stopwatch2: 1782903115436135 3500; combined=1467, p1=317, p2=959, p3=0, p4=0, p5=128, sr=69, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e7f0fa24-Z--
--35f41578-A--
[01/Jul/2026:10:52:17.183036 +0000] akTxYdXDG6AyyG2HW2QRkQAAAM0 106.51.83.25 51736 172.26.37.160 7081
--35f41578-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--35f41578-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--35f41578-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTxYdXDG6AyyG2HW2QRkQAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782903137179934 3158 (- - -)
Stopwatch2: 1782903137179934 3158; combined=1974, p1=816, p2=961, p3=0, p4=0, p5=123, sr=82, sw=74, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--35f41578-Z--
--c2dc440d-A--
[01/Jul/2026:10:53:22.512792 +0000] akTxova2KgOyAmlZY0uvSAAAABQ 106.51.83.25 45788 172.26.37.160 7081
--c2dc440d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c2dc440d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c2dc440d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTxova2KgOyAmlZY0uvSAAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782903202509616 3233 (- - -)
Stopwatch2: 1782903202509616 3233; combined=1927, p1=352, p2=1350, p3=0, p4=0, p5=142, sr=73, sw=83, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c2dc440d-Z--
--b9f17b65-A--
[01/Jul/2026:10:54:39.420325 +0000] akTx7x9eA2Q92AizAor9LwAAAFA 106.51.83.25 32906 172.26.37.160 7081
--b9f17b65-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b9f17b65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b9f17b65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTx7x9eA2Q92AizAor9LwAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782903279417103 3283 (- - -)
Stopwatch2: 1782903279417103 3283; combined=1918, p1=341, p2=1399, p3=0, p4=0, p5=117, sr=91, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b9f17b65-Z--
--90eecc2b-A--
[01/Jul/2026:10:55:12.488149 +0000] akTyEB9eA2Q92AizAor9NQAAAE8 106.51.83.25 56050 172.26.37.160 7081
--90eecc2b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--90eecc2b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--90eecc2b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTyEB9eA2Q92AizAor9NQAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782903312485042 3164 (- - -)
Stopwatch2: 1782903312485042 3164; combined=1500, p1=325, p2=979, p3=0, p4=0, p5=131, sr=90, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--90eecc2b-Z--
--389b9c51-A--
[01/Jul/2026:10:55:56.414524 +0000] akTyPB9eA2Q92AizAor9RQAAAEg 106.51.83.25 50004 172.26.37.160 7081
--389b9c51-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--389b9c51-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--389b9c51-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTyPB9eA2Q92AizAor9RQAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782903356411360 3244 (- - -)
Stopwatch2: 1782903356411360 3244; combined=1944, p1=858, p2=931, p3=0, p4=0, p5=101, sr=622, sw=54, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--389b9c51-Z--
--242afa5b-A--
[01/Jul/2026:10:57:02.701329 +0000] akTyfva2KgOyAmlZY0uvbAAAAAE 106.51.83.25 56930 172.26.37.160 7081
--242afa5b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--242afa5b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--242afa5b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTyfva2KgOyAmlZY0uvbAAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782903422697534 3900 (- - -)
Stopwatch2: 1782903422697534 3900; combined=2884, p1=323, p2=1492, p3=0, p4=0, p5=560, sr=84, sw=509, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--242afa5b-Z--
--1598c951-A--
[01/Jul/2026:10:57:35.626230 +0000] akTyn-a2KgOyAmlZY0uvcgAAAAk 106.51.83.25 40130 172.26.37.160 7081
--1598c951-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1598c951-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1598c951-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTyn-a2KgOyAmlZY0uvcgAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782903455622907 3392 (- - -)
Stopwatch2: 1782903455622907 3392; combined=1955, p1=328, p2=1436, p3=0, p4=0, p5=127, sr=77, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1598c951-Z--
--5265b47c-A--
[01/Jul/2026:10:58:52.947815 +0000] akTy7B9eA2Q92AizAor9bQAAAFE 106.51.83.25 45228 172.26.37.160 7081
--5265b47c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5265b47c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5265b47c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTy7B9eA2Q92AizAor9bQAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782903532942886 4992 (- - -)
Stopwatch2: 1782903532942886 4992; combined=1496, p1=326, p2=965, p3=0, p4=0, p5=138, sr=68, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5265b47c-Z--
--b97eec2e-A--
[01/Jul/2026:10:59:36.966233 +0000] akTzGB9eA2Q92AizAor9eQAAAEM 106.51.83.25 56334 172.26.37.160 7081
--b97eec2e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b97eec2e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b97eec2e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTzGB9eA2Q92AizAor9eQAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782903576961998 4293 (- - -)
Stopwatch2: 1782903576961998 4293; combined=2294, p1=371, p2=1051, p3=0, p4=0, p5=461, sr=89, sw=411, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b97eec2e-Z--
--7389cc21-A--
[01/Jul/2026:11:00:10.058820 +0000] akTzOh9eA2Q92AizAor9gwAAAE4 106.51.83.25 37276 172.26.37.160 7081
--7389cc21-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7389cc21-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7389cc21-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTzOh9eA2Q92AizAor9gwAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782903610055893 2984 (- - -)
Stopwatch2: 1782903610055893 2984; combined=1447, p1=319, p2=947, p3=0, p4=0, p5=119, sr=81, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7389cc21-Z--
--6d2df16e-A--
[01/Jul/2026:11:02:11.106222 +0000] akTzs9XDG6AyyG2HW2QRywAAANA 106.51.83.25 60566 172.26.37.160 7081
--6d2df16e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 106.51.83.25
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--6d2df16e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6d2df16e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.51.83.25 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akTzs9XDG6AyyG2HW2QRywAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782903731102797 3506 (- - -)
Stopwatch2: 1782903731102797 3506; combined=2276, p1=351, p2=1763, p3=0, p4=0, p5=106, sr=83, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6d2df16e-Z--
--4ebaa44f-A--
[01/Jul/2026:11:03:59.929252 +0000] akT0H-a2KgOyAmlZY0uvrQAAAAw 136.158.120.152 41840 172.26.37.160 7081
--4ebaa44f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--4ebaa44f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4ebaa44f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT0H-a2KgOyAmlZY0uvrQAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782903839925721 3789 (- - -)
Stopwatch2: 1782903839925721 3789; combined=1517, p1=350, p2=995, p3=0, p4=0, p5=112, sr=77, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4ebaa44f-Z--
--dbde1a45-A--
[01/Jul/2026:11:04:04.929035 +0000] akT0JPa2KgOyAmlZY0uvrgAAABY 172.68.62.22 35842 172.26.37.160 7081
--dbde1a45-B--
GET /.git/HEAD HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 172.68.62.22
X-Forwarded-For: 91.92.241.196
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
cf-ray: a144ed82f9163e72-ATH
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 91.92.241.196
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
--dbde1a45-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dbde1a45-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.airvenushk.com"] [uri "/.git/HEAD"] [unique_id "akT0JPa2KgOyAmlZY0uvrgAAABY"]
Action: Intercepted (phase 1)
Stopwatch: 1782903844928339 764 (- - -)
Stopwatch2: 1782903844928339 764; combined=284, p1=202, p2=0, p3=0, p4=0, p5=82, sr=78, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dbde1a45-Z--
--1b293b72-A--
[01/Jul/2026:11:04:05.751527 +0000] akT0JR9eA2Q92AizAor9uQAAAEY 172.68.62.22 35848 172.26.37.160 7081
--1b293b72-B--
GET /.git/config HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 172.68.62.22
X-Forwarded-For: 91.92.241.196
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
cf-ray: a144ed8b19e3be00-ATH
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 91.92.241.196
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
--1b293b72-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1b293b72-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.airvenushk.com"] [uri "/.git/config"] [unique_id "akT0JR9eA2Q92AizAor9uQAAAEY"]
Action: Intercepted (phase 1)
Stopwatch: 1782903845750871 732 (- - -)
Stopwatch2: 1782903845750871 732; combined=265, p1=207, p2=0, p3=0, p4=0, p5=57, sr=83, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1b293b72-Z--
--5bbd6107-A--
[01/Jul/2026:11:05:14.285552 +0000] akT0ah9eA2Q92AizAor9yAAAAFg 136.158.120.152 59770 172.26.37.160 7081
--5bbd6107-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5bbd6107-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5bbd6107-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT0ah9eA2Q92AizAor9yAAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782903914282097 3519 (- - -)
Stopwatch2: 1782903914282097 3519; combined=2307, p1=310, p2=1824, p3=0, p4=0, p5=111, sr=70, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5bbd6107-Z--
--904df40a-A--
[01/Jul/2026:11:05:46.319880 +0000] akT0itXDG6AyyG2HW2QR5QAAAM4 136.158.120.152 48812 172.26.37.160 7081
--904df40a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--904df40a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--904df40a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT0itXDG6AyyG2HW2QR5QAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782903946316604 3333 (- - -)
Stopwatch2: 1782903946316604 3333; combined=1488, p1=338, p2=949, p3=0, p4=0, p5=137, sr=71, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--904df40a-Z--
--70491d21-A--
[01/Jul/2026:11:06:18.253468 +0000] akT0qh9eA2Q92AizAor92AAAAFE 136.158.120.152 39598 172.26.37.160 7081
--70491d21-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--70491d21-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--70491d21-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT0qh9eA2Q92AizAor92AAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782903978250497 3032 (- - -)
Stopwatch2: 1782903978250497 3032; combined=1565, p1=399, p2=969, p3=0, p4=0, p5=128, sr=79, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--70491d21-Z--
--0a5ca746-A--
[01/Jul/2026:11:07:00.867743 +0000] akT01Pa2KgOyAmlZY0uvygAAAAU 136.158.120.152 48556 172.26.37.160 7081
--0a5ca746-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0a5ca746-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0a5ca746-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT01Pa2KgOyAmlZY0uvygAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782904020863681 11284 (- - -)
Stopwatch2: 1782904020863681 11284; combined=1467, p1=333, p2=973, p3=0, p4=0, p5=106, sr=72, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0a5ca746-Z--
--90977533-A--
[01/Jul/2026:11:07:32.669121 +0000] akT09B9eA2Q92AizAor@JgAAAFA 136.158.120.152 43414 172.26.37.160 7081
--90977533-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--90977533-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--90977533-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT09B9eA2Q92AizAor@JgAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782904052666321 2858 (- - -)
Stopwatch2: 1782904052666321 2858; combined=1475, p1=334, p2=968, p3=0, p4=0, p5=111, sr=77, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--90977533-Z--
--9d3a3528-A--
[01/Jul/2026:11:08:36.594429 +0000] akT1NPa2KgOyAmlZY0uwzgAAAAA 136.158.120.152 49792 172.26.37.160 7081
--9d3a3528-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9d3a3528-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9d3a3528-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT1NPa2KgOyAmlZY0uwzgAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782904116590212 4272 (- - -)
Stopwatch2: 1782904116590212 4272; combined=2059, p1=316, p2=1557, p3=0, p4=0, p5=120, sr=74, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9d3a3528-Z--
--801c1b16-A--
[01/Jul/2026:11:08:44.505048 +0000] akT1OB9eA2Q92AizAor@9gAAAFc 34.48.138.189 49902 172.26.37.160 7081
--801c1b16-B--
GET /wp-content/plugins/slider-revolution-master/public/css/sr7.css?ver=6.7.20 HTTP/1.1
Host: eonhk.com
X-Real-IP: 34.48.138.189
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=0
--801c1b16-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/plugins/slider-revolution-master/public/css/sr7.css
Content-Length: 0
Content-Type: text/css
--801c1b16-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "136.158.120.152_fadbd28877e20bdd8e243207da6ed66590c86c54"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "136.158.120.152_fadbd28877e20bdd8e243207da6ed66590c86c54"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/plugins/slider-revolution-master/public/css/sr7.css"] [unique_id "akT1OB9eA2Q92AizAor@9gAAAFc"]
Stopwatch: 1782904120890823 3614713 (- - -)
Stopwatch2: 1782904120890823 3614713; combined=7223270, p1=264, p2=3413, p3=25, p4=22, p5=3609789, sr=57, sw=1, l=0, gc=3609756
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--801c1b16-Z--
--6cda513d-A--
[01/Jul/2026:11:09:50.841094 +0000] akT1fmqEWd-kjYG4aGjmXQAAAIM 136.158.120.152 60606 172.26.37.160 7081
--6cda513d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--6cda513d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6cda513d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT1fmqEWd-kjYG4aGjmXQAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782904190837023 4166 (- - -)
Stopwatch2: 1782904190837023 4166; combined=1945, p1=334, p2=1414, p3=0, p4=0, p5=133, sr=75, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6cda513d-Z--
--14926c78-A--
[01/Jul/2026:11:10:54.525366 +0000] akT1vh9eA2Q92AizAooAHgAAAEY 136.158.120.152 47616 172.26.37.160 7081
--14926c78-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--14926c78-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--14926c78-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT1vh9eA2Q92AizAooAHgAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782904254522053 3370 (- - -)
Stopwatch2: 1782904254522053 3370; combined=1882, p1=317, p2=1386, p3=0, p4=0, p5=116, sr=80, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--14926c78-Z--
--42c8405e-A--
[01/Jul/2026:11:11:58.462725 +0000] akT1-h9eA2Q92AizAooAKQAAAE8 136.158.120.152 43202 172.26.37.160 7081
--42c8405e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--42c8405e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--42c8405e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT1-h9eA2Q92AizAooAKQAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782904318459291 3578 (- - -)
Stopwatch2: 1782904318459291 3578; combined=1553, p1=328, p2=1043, p3=0, p4=0, p5=118, sr=76, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--42c8405e-Z--
--6036c60d-A--
[01/Jul/2026:11:13:13.066288 +0000] akT2SR9eA2Q92AizAooAOwAAAFU 136.158.120.152 48318 172.26.37.160 7081
--6036c60d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--6036c60d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6036c60d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT2SR9eA2Q92AizAooAOwAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782904393062600 3746 (- - -)
Stopwatch2: 1782904393062600 3746; combined=2415, p1=376, p2=1821, p3=0, p4=0, p5=141, sr=114, sw=77, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6036c60d-Z--
--8e83ef46-A--
[01/Jul/2026:11:13:44.855614 +0000] akT2aB9eA2Q92AizAooAPgAAAE0 136.158.120.152 38172 172.26.37.160 7081
--8e83ef46-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--8e83ef46-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8e83ef46-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT2aB9eA2Q92AizAooAPgAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782904424852883 2788 (- - -)
Stopwatch2: 1782904424852883 2788; combined=1467, p1=321, p2=967, p3=0, p4=0, p5=117, sr=71, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8e83ef46-Z--
--a048055c-A--
[01/Jul/2026:11:14:58.899067 +0000] akT2sva2KgOyAmlZY0uyEQAAAAQ 136.158.120.152 38304 172.26.37.160 7081
--a048055c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a048055c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a048055c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT2sva2KgOyAmlZY0uyEQAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782904498896170 5270 (- - -)
Stopwatch2: 1782904498896170 5270; combined=1467, p1=318, p2=978, p3=0, p4=0, p5=110, sr=72, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a048055c-Z--
--c4276148-A--
[01/Jul/2026:11:15:20.220970 +0000] akT2yB9eA2Q92AizAooAVgAAAFg 136.158.120.152 46790 172.26.37.160 7081
--c4276148-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c4276148-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c4276148-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT2yB9eA2Q92AizAooAVgAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782904520215535 6533 (- - -)
Stopwatch2: 1782904520215535 6533; combined=1577, p1=343, p2=1015, p3=0, p4=0, p5=150, sr=73, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c4276148-Z--
--be79f751-A--
[01/Jul/2026:11:16:56.128326 +0000] akT3KGqEWd-kjYG4aGjm3AAAAI0 136.158.120.152 54750 172.26.37.160 7081
--be79f751-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--be79f751-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--be79f751-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT3KGqEWd-kjYG4aGjm3AAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782904616122242 6308 (- - -)
Stopwatch2: 1782904616122242 6308; combined=1468, p1=342, p2=937, p3=0, p4=0, p5=125, sr=70, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--be79f751-Z--
--27b1d407-A--
[01/Jul/2026:11:17:38.542980 +0000] akT3Uh9eA2Q92AizAooAbQAAAEA 136.158.120.152 40668 172.26.37.160 7081
--27b1d407-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--27b1d407-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--27b1d407-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT3Uh9eA2Q92AizAooAbQAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782904658538704 4341 (- - -)
Stopwatch2: 1782904658538704 4341; combined=1698, p1=385, p2=1110, p3=0, p4=0, p5=133, sr=79, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--27b1d407-Z--
--b2edfe31-A--
[01/Jul/2026:11:17:57.716343 +0000] akT3Zfa2KgOyAmlZY0uyLQAAAA4 142.93.127.245 35898 172.26.37.160 7080
--b2edfe31-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--b2edfe31-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--b2edfe31-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akT3Zfa2KgOyAmlZY0uyLQAAAA4"]
Action: Intercepted (phase 1)
Stopwatch: 1782904677715806 576 (- - -)
Stopwatch2: 1782904677715806 576; combined=256, p1=206, p2=0, p3=0, p4=0, p5=50, sr=80, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b2edfe31-Z--
--5db11b1e-A--
[01/Jul/2026:11:18:01.908587 +0000] akT3aR9eA2Q92AizAooAeAAAAEY 142.93.127.245 35008 172.26.37.160 7081
--5db11b1e-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--5db11b1e-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--5db11b1e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akT3aR9eA2Q92AizAooAeAAAAEY"]
Action: Intercepted (phase 1)
Stopwatch: 1782904681908075 553 (- - -)
Stopwatch2: 1782904681908075 553; combined=254, p1=197, p2=0, p3=0, p4=0, p5=57, sr=71, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5db11b1e-Z--
--9179f041-A--
[01/Jul/2026:11:18:52.796753 +0000] akT3nB9eA2Q92AizAooAgAAAAEw 136.158.120.152 44180 172.26.37.160 7081
--9179f041-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9179f041-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9179f041-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT3nB9eA2Q92AizAooAgAAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782904732793050 3764 (- - -)
Stopwatch2: 1782904732793050 3764; combined=1952, p1=330, p2=1439, p3=0, p4=0, p5=122, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9179f041-Z--
--dcf0c125-A--
[01/Jul/2026:11:19:24.750537 +0000] akT3vB9eA2Q92AizAooAiQAAAFM 136.158.120.152 52516 172.26.37.160 7081
--dcf0c125-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--dcf0c125-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dcf0c125-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT3vB9eA2Q92AizAooAiQAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782904764747227 3367 (- - -)
Stopwatch2: 1782904764747227 3367; combined=2004, p1=350, p2=1465, p3=0, p4=0, p5=128, sr=87, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dcf0c125-Z--
--78490e43-A--
[01/Jul/2026:11:20:28.599536 +0000] akT3-B9eA2Q92AizAooAlwAAAE0 136.158.120.152 37176 172.26.37.160 7081
--78490e43-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--78490e43-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--78490e43-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT3-B9eA2Q92AizAooAlwAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782904828595965 3635 (- - -)
Stopwatch2: 1782904828595965 3635; combined=1836, p1=347, p2=1305, p3=0, p4=0, p5=124, sr=100, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--78490e43-Z--
--2fda1224-A--
[01/Jul/2026:11:21:09.319905 +0000] akT4JR9eA2Q92AizAooAnQAAAFc 103.73.102.122 55552 172.26.37.160 7081
--2fda1224-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: contintechind.com
X-Real-IP: 103.73.102.122
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
--2fda1224-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2fda1224-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akT4JR9eA2Q92AizAooAnQAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782904869317121 2837 (- - -)
Stopwatch2: 1782904869317121 2837; combined=918, p1=328, p2=534, p3=0, p4=0, p5=55, sr=84, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2fda1224-Z--
--645c3300-A--
[01/Jul/2026:11:21:09.445796 +0000] akT4JWqEWd-kjYG4aGjm-AAAAJc 103.73.102.122 55566 172.26.37.160 7081
--645c3300-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: contintechind.com
X-Real-IP: 103.73.102.122
X-Accel-Internal: /internal-nginx-static-location
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
--645c3300-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--645c3300-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akT4JWqEWd-kjYG4aGjm-AAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782904869443319 2528 (- - -)
Stopwatch2: 1782904869443319 2528; combined=1174, p1=677, p2=448, p3=0, p4=0, p5=48, sr=470, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--645c3300-Z--
--e509ba3f-A--
[01/Jul/2026:11:21:32.324769 +0000] akT4PPa2KgOyAmlZY0uySwAAAAU 136.158.120.152 55610 172.26.37.160 7081
--e509ba3f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e509ba3f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e509ba3f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT4PPa2KgOyAmlZY0uySwAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782904892320757 4077 (- - -)
Stopwatch2: 1782904892320757 4077; combined=2408, p1=386, p2=1821, p3=0, p4=0, p5=133, sr=79, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e509ba3f-Z--
--5bb0db7a-A--
[01/Jul/2026:11:21:42.852461 +0000] akT4Rh9eA2Q92AizAooApAAAAFI 136.158.120.152 33594 172.26.37.160 7081
--5bb0db7a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)
--5bb0db7a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5bb0db7a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT4Rh9eA2Q92AizAooApAAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782904902845838 9835 (- - -)
Stopwatch2: 1782904902845838 9835; combined=1588, p1=322, p2=1066, p3=0, p4=0, p5=133, sr=72, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5bb0db7a-Z--
--f961da77-A--
[01/Jul/2026:11:22:25.451889 +0000] akT4cfa2KgOyAmlZY0uyXAAAAAk 136.158.120.152 36706 172.26.37.160 7081
--f961da77-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--f961da77-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f961da77-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT4cfa2KgOyAmlZY0uyXAAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782904945447619 4338 (- - -)
Stopwatch2: 1782904945447619 4338; combined=1549, p1=353, p2=972, p3=0, p4=0, p5=148, sr=84, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f961da77-Z--
--d3d7be7b-A--
[01/Jul/2026:11:22:57.467464 +0000] akT4kR9eA2Q92AizAooAyQAAAEo 136.158.120.152 37520 172.26.37.160 7081
--d3d7be7b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d3d7be7b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d3d7be7b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT4kR9eA2Q92AizAooAyQAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782904977464007 3675 (- - -)
Stopwatch2: 1782904977464007 3675; combined=1874, p1=312, p2=933, p3=0, p4=0, p5=574, sr=77, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d3d7be7b-Z--
--8f668b4c-A--
[01/Jul/2026:11:23:08.100752 +0000] akT4nB9eA2Q92AizAooAzAAAAFY 136.158.120.152 60972 172.26.37.160 7081
--8f668b4c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)
--8f668b4c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8f668b4c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT4nB9eA2Q92AizAooAzAAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782904988097871 2968 (- - -)
Stopwatch2: 1782904988097871 2968; combined=1660, p1=579, p2=917, p3=0, p4=0, p5=107, sr=319, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8f668b4c-Z--
--b66b753b-A--
[01/Jul/2026:11:23:29.383181 +0000] akT4sR9eA2Q92AizAooA0gAAAFQ 136.158.120.152 35924 172.26.37.160 7081
--b66b753b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b66b753b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b66b753b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT4sR9eA2Q92AizAooA0gAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782905009379571 3666 (- - -)
Stopwatch2: 1782905009379571 3666; combined=1736, p1=322, p2=1201, p3=0, p4=0, p5=146, sr=77, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b66b753b-Z--
--4392501c-A--
[01/Jul/2026:11:24:11.940286 +0000] akT42x9eA2Q92AizAooA5wAAAFM 136.158.120.152 56790 172.26.37.160 7081
--4392501c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--4392501c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4392501c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT42x9eA2Q92AizAooA5wAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782905051936883 3460 (- - -)
Stopwatch2: 1782905051936883 3460; combined=2299, p1=330, p2=1792, p3=0, p4=0, p5=115, sr=75, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4392501c-Z--
--fac07b34-A--
[01/Jul/2026:11:24:43.816394 +0000] akT4@x9eA2Q92AizAooA8AAAAE8 136.158.120.152 48862 172.26.37.160 7081
--fac07b34-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 136.158.120.152
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--fac07b34-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fac07b34-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.120.152 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akT4@x9eA2Q92AizAooA8AAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782905083812185 6236 (- - -)
Stopwatch2: 1782905083812185 6236; combined=2611, p1=361, p2=2053, p3=0, p4=0, p5=129, sr=87, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fac07b34-Z--
--3957ab22-A--
[01/Jul/2026:11:26:11.237269 +0000] akT5Ux9eA2Q92AizAooBBAAAAFI 104.23.197.231 36050 172.26.37.160 7081
--3957ab22-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fhttpdocs%2F.htaccess&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fhttpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.231
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1450de77c10d937-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3957ab22-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3957ab22-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akT5Ux9eA2Q92AizAooBBAAAAFI"]
Action: Intercepted (phase 1)
Stopwatch: 1782905171235202 2186 (- - -)
Stopwatch2: 1782905171235202 2186; combined=270, p1=191, p2=0, p3=0, p4=0, p5=78, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3957ab22-Z--
--66625677-A--
[01/Jul/2026:11:31:27.878712 +0000] akT6j-a2KgOyAmlZY0uy3QAAAA4 142.93.127.245 58666 172.26.37.160 7080
--66625677-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--66625677-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--66625677-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akT6j-a2KgOyAmlZY0uy3QAAAA4"]
Action: Intercepted (phase 1)
Stopwatch: 1782905487878225 582 (- - -)
Stopwatch2: 1782905487878225 582; combined=248, p1=198, p2=0, p3=0, p4=0, p5=49, sr=86, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--66625677-Z--
--16aa8335-A--
[01/Jul/2026:11:31:31.293724 +0000] akT6k2qEWd-kjYG4aGjnUQAAAJA 142.93.127.245 46784 172.26.37.160 7081
--16aa8335-B--
GET /.git/config HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 142.93.127.245
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--16aa8335-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--16aa8335-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.git/config"] [unique_id "akT6k2qEWd-kjYG4aGjnUQAAAJA"]
Action: Intercepted (phase 1)
Stopwatch: 1782905491292225 2257 (- - -)
Stopwatch2: 1782905491292225 2257; combined=249, p1=197, p2=0, p3=0, p4=0, p5=52, sr=76, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--16aa8335-Z--
--0b38f617-A--
[01/Jul/2026:11:38:19.572712 +0000] akT8Kva2KgOyAmlZY0uzTQAAAA4 204.216.169.224 33080 172.26.37.160 7081
--0b38f617-B--
POST / HTTP/1.1
Host: eonhk.com
X-Real-IP: 204.216.169.224
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 5925
content-type: video/mpeg
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5159.200 Safari/537.36
accept-encoding: gzip
cookie: s_aprefpc=FZEMXC3EUpIGg0dANFqtefkDeAqVllT8RldJa1SwbmU1Ekeazp+rIl/hUb8EJ9DHlM3nUvMTxAiK8MpgN3H6g/2Jebiej4HBMF735Zvm4xifnv+atF1u7kEfch02tEZCkZ1ORNkeF8AQkSa3EveHibh+Wyb1SSmVrUnPScSKwIsfiFBmrsLBWAPELwBxhR8MFPQwZpC/dbq0/jPZNP0jr58P7jXfNm1BosQubA6di/tr+tnFRKxU1ixy6oNThCPjiiV8COHKyZGo4oFQC7UqcwMaPm75fOK61fPtTMZ0ibWjJY9DclGkfHZdfeLYSeyxTuugoVzblx/5+aBd5mW2CRi8CfOZXdTZJaBbCJSaUNSCWoE42oQ20gtJ6dsA0fZrZJQ=
--0b38f617-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.2.31
Link: <https://eonhk.com/wp-json/>; rel="https://api.w.org/", <https://eonhk.com/wp-json/wp/v2/pages/18>; rel="alternate"; title="JSON"; type="application/json", <https://eonhk.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 47279
Content-Type: text/html; charset=UTF-8
--0b38f617-E--
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<link rel="profile" href="https://gmpg.org/xfn/11">
<link rel="pingback" href="https://eonhk.com/xmlrpc.php">
<!-- Google Tag Manager -->
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','GTM-M6SVZ44V');</script>
<!-- End Google Tag Manager -->
<meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />
<!-- This site is optimized with the Yoast SEO plugin v25.9 - https://yoast.com/wordpress/plugins/seo/ -->
<title>Home - EON Rental Limited - Event Furniture Rental for Outdoor Event</title>
<link rel="canonical" href="https://eonhk.com/" />
<meta property="og:locale" content="en_US" />
<meta property="og:type" content="website" />
<meta property="og:title" content="Home - EON Rental Limited - Event Furniture Rental for Outdoor Event" />
<meta property="og:description" content="EON COLLECTIONS FEATURED CATEGORIES Best Furniture and AV Equipment Rental Service. Outdoor 戶外傢俬 (51) 51 products Furniture 傢俬 (95) 95" />
<meta property="og:url" content="https://eonhk.com/" />
<meta property="og:site_name" content="EON Rental Limited - Event Furniture Rental for Outdoor Event" />
<meta property="article:modified_time" content="2026-06-24T06:39:39+00:00" />
<meta property="og:image" content="https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg" />
<meta name="twitter:card" content="summary_large_image" />
<script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebPage","@id":"https://eonhk.com/","url":"https://eonhk.com/","name":"Home - EON Rental Limited - Event Furniture Rental for Outdoor Event","isPartOf":{"@id":"https://eonhk.com/#website"},"primaryImageOfPage":{"@id":"https://eonhk.com/#primaryimage"},"image":{"@id":"https://eonhk.com/#primaryimage"},"thumbnailUrl":"https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg","datePublished":"2021-08-26T12:13:00+00:00","dateModified":"2026-06-24T06:39:39+00:00","breadcrumb":{"@id":"https://eonhk.com/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https://eonhk.com/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https://eonhk.com/#primaryimage","url":"https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg","contentUrl":"https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg","width":1200,"height":1200},{"@type":"BreadcrumbList","@id":"https://eonhk.com/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home"}]},{"@type":"WebSite","@id":"https://eonhk.com/#website","url":"https://eonhk.com/","name":"EON Rental Limited - Event Furniture Rental for Outdoor Event","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https://eonhk.com/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}</script>
<!-- / Yoast SEO plugin. -->
<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel="alternate" type="application/rss+xml" title="EON Rental Limited - Event Furniture Rental for Outdoor Event » Feed" href="https://eonhk.com/feed/" />
<link rel="alternate" type="application/rss+xml" title="EON Rental Limited - Event Furniture Rental for Outdoor Event » Comments Feed" href="https://eonhk.com/comments/feed/" />
<link rel="alternate" title="oEmbed (JSON)" type="application/json+oembed" href="https://eonhk.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Feonhk.com%2F" />
<link rel="alternate" title="oEmbed (XML)" type="text/xml+oembed" href="https://eonhk.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Feonhk.com%2F&format=xml" />
<style id="wp-img-auto-sizes-contain-inline-css">
img:is([sizes=auto i],[sizes^="auto," i]){contain-intrinsic-size:3000px 1500px}
/*# sourceURL=wp-img-auto-sizes-contain-inline-css */
</style>
<style id="classic-theme-styles-inline-css">
/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}
/*# sourceURL=/wp-includes/css/classic-themes.min.css */
</style>
<link rel='stylesheet' id='wc-blocks-style-css' href='https://eonhk.com/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-10.1.2' media='all' />
<style id="global-styles-inline-css">
:root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgb(6,147,227) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgb(252,185,0) 0%,rgb(255,105,0) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgb(255,105,0) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgb(255, 255, 255), 6px 6px rgb(0, 0, 0);--wp--preset--shadow--crisp: 6px 6px 0px rgb(0, 0, 0);}:where(body) { margin: 0; }:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}body{padding-top: 0px;padding-right: 0px;padding-bottom: 0px;padding-left: 0px;}:root :where(.wp-element-button, .wp-block-button__link){background-color: #32373c;border-width: 0;color: #fff;font-family: inherit;font-size: inherit;font-style: inherit;font-weight: inherit;letter-spacing: inherit;line-height: inherit;padding-top: calc(0.667em + 2px);padding-right: calc(1.333em + 2px);padding-bottom: calc(0.667em + 2px);padding-left: calc(1.333em + 2px);text-decoration: none;text-transform: inherit;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
/*# sourceURL=global-styles-inline-css */
</style>
<link rel='stylesheet' id='wapf-frontend-css-css' href='https://eonhk.com/wp-content/plugins/advanced-product-fields-for-woocommerce/assets/css/frontend.min.css?ver=1.6.17' media='all' />
<link rel='stylesheet' id='sr7css-css' href='//eonhk.com/wp-content/plugins/slider-revolution-master/public/css/sr7.css?ver=6.7.20' media='all' />
<style id="woocommerce-inline-inline-css">
.woocommerce form .form-row .required { visibility: visible; }
/*# sourceURL=woocommerce-inline-inline-css */
</style>
<link rel='stylesheet' id='brands-styles-css' href='https://eonhk.com/wp-content/plugins/woocommerce/assets/css/brands.css?ver=10.1.2' media='all' />
<link rel='stylesheet' id='chaty-front-css-css' href='https://eonhk.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.4.81745577107' media='all' />
<link rel='stylesheet' id='elementor-frontend-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.26.0' media='all' />
<link rel='stylesheet' id='elementor-post-6-css' href='https://eonhk.com/wp-content/uploads/elementor/css/post-6.css?ver=1759918866' media='all' />
<link rel='stylesheet' id='elementor-post-18-css' href='https://eonhk.com/wp-content/uploads/elementor/css/post-18.css?ver=1782283179' media='all' />
<link rel='stylesheet' id='woodmart-style-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-helpers-wpb-elem-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/helpers-wpb-elem.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-recent-post-comments-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-wd-recent-posts-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-wd-recent-posts.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-nav-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-nav.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-wd-layered-nav-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-wd-layered-nav.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-swatches-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-swatches-filter-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-filter.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-product-cat-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-cat.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-product-list-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-list.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wpcf7-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-wpcf7.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-revolution-slider-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-paypal-payments-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-woo-paypal-payments.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-elementor-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-elem-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woocommerce-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woocommerce-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-star-rating-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-star-rating.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-el-track-order-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-el-track-order.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woocommerce-block-notices-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-block-notices.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wp-blocks-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wp-blocks.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-tools-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-elements-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-social-icons-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-social-icons.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-search-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-search-form-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search-form.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wd-search-results-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-results.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wd-search-form-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wd-search-cat-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-cat.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-my-account-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-my-account.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-cart-side-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart-side.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-cart-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-shopping-cart-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-shopping-cart.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-mobile-nav-dropdown-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-mobile-nav-dropdown.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-categories-nav-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-category-nav.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-nav-vertical-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-nav-vertical-design-default-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical-design-default.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-button-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-button.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-section-title-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-section-title.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-el-subtitle-style-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-subtitle-style.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-categories-loop-center-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-center-old.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-categories-loop-layout-masonry-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-layout-masonry.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-categories-loop-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-categories-loop-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-old.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-tabs-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-tabs.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-product-tabs-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-product-tabs.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-sticky-loader-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-sticky-loader.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-product-loop-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-product-loop-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-add-btn-replace-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-add-btn-replace.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-more-description-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-more-description.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-product-labels-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-product-labels-round-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels-round.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mfp-popup-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-swiper-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-slider-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-slider.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-animations-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-animations-transform.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-info-box-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-swiper-arrows-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-arrows.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-swiper-pagin-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-pagin.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-text-block-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-text-block.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-blog-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-blog-loop-base-old-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-base-old.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-blog-loop-design-masonry-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-design-masonry.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-image-gallery-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-gallery.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-collapse-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-widget-collapse.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-footer-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-list-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-el-list-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list-wpb-elem.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-scroll-top-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='xts-style-header_153799-css' href='https://eonhk.com/wp-content/uploads/2025/05/xts-header_153799-1748323841.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='xts-google-fonts-css' href='https://fonts.googleapis.com/css?family=Lato:400,700%7CPoppins:400,600,500&ver=8.0.4' media='all' />
<link rel='stylesheet' id='google-fonts-1-css' href='https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap&ver=7.0' media='all' />
<link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin><script id="jquery-core-js" src="https://eonhk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1"></script>
<script id="jquery-migrate-js" src="https://eonhk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1"></script>
<script async data-wp-strategy="async" id="tp-tools-js" src="//eonhk.com/wp-content/plugins/slider-revolution-master/public/js/libs/tptools.js?ver=6.7.20"></script>
<script async data-wp-strategy="async" id="sr7-js" src="//eonhk.com/wp-content/plugins/slider-revolution-master/public/js/sr7.js?ver=6.7.20"></script>
<script data-wp-strategy="defer" defer id="jquery-blockui-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.10.1.2"></script>
<script id="wc-add-to-cart-js-extra">
var wc_add_to_cart_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","i18n_view_cart":"View cart","cart_url":"https://eonhk.com/cart/","is_cart":"","cart_redirect_after_add":"no"};
//# sourceURL=wc-add-to-cart-js-extra
</script>
<script data-wp-strategy="defer" defer id="wc-add-to-cart-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=10.1.2"></script>
<script data-wp-strategy="defer" defer id="js-cookie-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.10.1.2"></script>
<script id="woocommerce-js-extra">
var woocommerce_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","i18n_password_show":"Show password","i18n_password_hide":"Hide password"};
//# sourceURL=woocommerce-js-extra
</script>
<script data-wp-strategy="defer" defer id="woocommerce-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=10.1.2"></script>
<script id="wd-device-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/device.min.js?ver=8.0.4"></script>
<script id="wd-scrollbar-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=8.0.4"></script>
<link rel="https://api.w.org/" href="https://eonhk.com/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://eonhk.com/wp-json/wp/v2/pages/18" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://eonhk.com/xmlrpc.php?rsd" />
<meta name="generator" content="WordPress 7.0" />
<meta name="generator" content="WooCommerce 10.1.2" />
<link rel='shortlink' href='https://eonhk.com/' />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<noscript><style>.woocommerce-product-gallery{ opacity: 1 !important; }</style></noscript>
<meta name="generator" content="Elementor 3.26.0; features: e_font_icon_svg, additional_custom_breakpoints, e_element_cache; settings: css_print_method-external, google_font-enabled, font_display-swap">
<style>.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style> <style>
.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload),
.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) * {
background-image: none !important;
}
@media screen and (max-height: 1024px) {
.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload),
.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) * {
background-image: none !important;
}
}
@media screen and (max-height: 640px) {
.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload),
.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) * {
background-image: none !important;
}
}
</style>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin>
<meta name="generator" content="Powered by Slider Revolution 6.7.20 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface." />
<link rel="icon" href="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo-150x150.png" sizes="32x32" />
<link rel="icon" href="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo.png" />
<meta name="msapplication-TileImage" content="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo.png" />
<script>
window._tpt ??= {};
window.SR7 ??= {};
_tpt.R ??= {};
_tpt.R.fonts ??= {};
_tpt.R.fonts.customFonts??= {};
SR7.devMode = false;
SR7.F ??= {};
SR7.G ??= {};
SR7.LIB ??= {};
SR7.E ??= {};
SR7.E.gAddons ??= {};
SR7.E.php ??= {};
SR7.E.nonce = '7256004bd5';
SR7.E.ajaxurl = 'https://eonhk.com/wp-admin/admin-ajax.php';
SR7.E.resturl = 'https://eonhk.com/wp-json/';
SR7.E.slug_path = 'slider-revolution-master/revslider.php';
SR7.E.slug = 'revslider';
SR7.E.plugin_url = 'https://eonhk.com/wp-content/plugins/slider-revolution-master/';
SR7.E.wp_plugin_url = 'https://eonhk.com/wp-content/plugins/';
SR7.E.revision = '6.7.20';
SR7.E.fontBaseUrl = '//fonts.googleapis.com/css2?family=';
SR7.G.breakPoints = [1240,1024,778,480];
SR7.E.modules = ['module','page','slide','layer','draw','animate','srtools','canvas','defaults','carousel','navigation','media','modifiers','migration'];
SR7.E.libs = ['WEBGL'];
SR7.E.css = ['csslp','cssbtns','cssfilters','cssnav','cssmedia'];
SR7.E.resources = {};
SR7.JSON ??= {};
/*! Slider Revolution 7.0 - Page Processor */
!function(){"use strict";window.SR7??={},window._tpt??={},SR7.version="Slider Revolution 6.7.16",_tpt.getWinDim=function(t){_tpt.screenHeightWithUrlBar??=window.innerHeight;let e=SR7.F?.modal?.visible&&SR7.M[SR7.F.module.getIdByAlias(SR7.F.modal.requested)];_tpt.scrollBar=window.innerWidth!==document.documentElement.clientWidth||e&&window.innerWidth!==e.c.module.clientWidth,_tpt.winW=window.innerWidth-(_tpt.scrollBar||"prepare"==t?_tpt.scrollBarW??_tpt.mesureScrollBar():0),_tpt.winH=window.innerHeight,_tpt.winWAll=document.documentElement.clientWidth},_tpt.getResponsiveLevel=function(t,e){SR7.M[e];return _tpt.closestGE(t,_tpt.winWAll)},_tpt.mesureScrollBar=function(){let t=document.createElement("div");return t.className="RSscrollbar-measure",t.style.width="100px",t.style.height="100px",t.style.overflow="scroll",t.style.position="absolute",t.style.top="-9999px",document.body.appendChild(t),_tpt.scrollBarW=t.offsetWidth-t.clientWidth,document.body.removeChild(t),_tpt.scrollBarW},_tpt.loadCSS=async function(t,e,s){return s?_tpt.R.fonts.required[e].status=1:(_tpt.R[e]??={},_tpt.R[e].status=1),new Promise(((n,i)=>{if(_tpt.isStylesheetLoaded(t))s?_tpt.R.fonts.required[e].status=2:_tpt.R[e].status=2,n();else{const l=document.createElement("link");l.rel="stylesheet";let o="text",r="css";l["type"]=o+"/"+r,l.href=t,l.onload=()=>{s?_tpt.R.fonts.required[e].status=2:_tpt.R[e].status=2,n()},l.onerror=()=>{s?_tpt.R.fonts.required[e].status=3:_tpt.R[e].status=3,i(new Error(`Failed to load CSS: ${t}`))},document.head.appendChild(l)}}))},_tpt.addContainer=function(t){const{tag:e="div",id:s,class:n,datas:i,textContent:l,iHTML:o}=t,r=document.createElement(e);if(s&&""!==s&&(r.id=s),n&&""!==n&&(r.className=n),i)for(const[t,e]of Object.entries(i))"style"==t?r.style.cssText=e:r.setAttribute(`data-${t}`,e);return l&&(r.textContent=l),o&&(r.innerHTML=o),r},_tpt.collector=function(){return{fragment:new DocumentFragment,add(t){var e=_tpt.addContainer(t);return this.fragment.appendChild(e),e},append(t){t.appendChild(this.fragment)}}},_tpt.isStylesheetLoaded=function(t){let e=t.split("?")[0];return Array.from(document.querySelectorAll('link[rel="stylesheet"], link[rel="preload"]')).some((t=>t.href.split("?")[0]===e))},_tpt.preloader={requests:new Map,preloaderTemplates:new Map,show:function(t,e){if(!e||!t)return;const{type:s,color:n}=e;if(s<0||"off"==s)return;const i=`preloader_${s}`;let l=this.preloaderTemplates.get(i);l||(l=this.build(s,n),this.preloaderTemplates.set(i,l)),this.requests.has(t)||this.requests.set(t,{count:0});const o=this.requests.get(t);clearTimeout(o.timer),o.count++,1===o.count&&(o.timer=setTimeout((()=>{o.preloaderClone=l.cloneNode(!0),o.anim&&o.anim.kill(),void 0!==_tpt.gsap?o.anim=_tpt.gsap.fromTo(o.preloaderClone,1,{opacity:0},{opacity:1}):o.preloaderClone.classList.add("sr7-fade-in"),t.appendChild(o.preloaderClone)}),150))},hide:function(t){if(!this.requests.has(t))return;const e=this.requests.get(t);e.count--,e.count<0&&(e.count=0),e.anim&&e.anim.kill(),0===e.count&&(clearTimeout(e.timer),e.preloaderClone&&(e.preloaderClone.classList.remove("sr7-fade-in"),e.anim=_tpt.gsap.to(e.preloaderClone,.3,{opacity:0,onComplete:function(){e.preloaderClone.remove()}})))},state:function(t){if(!this.requests.has(t))return!1;return this.requests.get(t).count>0},build:(t,e="#ffffff",s="")=>{if(t<0||"off"===t)return null;const n=parseInt(t);if(t="prlt"+n,isNaN(n))return null;if(_tpt.loadCSS(SR7.E.plugin_url+"public/css/preloaders/t"+n+".css","preloader_"+t),isNaN(n)||n<6){const i=`background-color:${e}`,l=1===n||2==n?i:"",o=3===n||4==n?i:"",r=_tpt.collector();["dot1","dot2","bounce1","bounce2","bounce3"].forEach((t=>r.add({tag:"div",class:t,datas:{style:o}})));const d=_tpt.addContainer({tag:"sr7-prl",class:`${t} ${s}`,datas:{style:l}});return r.append(d),d}{let i={};if(7===n){let t;e.startsWith("#")?(t=e.replace("#",""),t=`rgba(${parseInt(t.substring(0,2),16)}, ${parseInt(t.substring(2,4),16)}, ${parseInt(t.substring(4,6),16)}, `):e.startsWith("rgb")&&(t=e.slice(e.indexOf("(")+1,e.lastIndexOf(")")).split(",").map((t=>t.trim())),t=`rgba(${t[0]}, ${t[1]}, ${t[2]}, `),t&&(i.style=`border-top-color: ${t}0.65); border-bottom-color: ${t}0.15); border-left-color: ${t}0.65); border-right-color: ${t}0.15)`)}else 12===n&&(i.style=`background:${e}`);const l=[10,0,4,2,5,9,0,4,4,2][n-6],o=_tpt.collector(),r=o.add({tag:"div",class:"sr7-prl-inner",datas:i});Array.from({length:l}).forEach((()=>r.appendChild(o.add({tag:"span",datas:{style:`background:${e}`}}))));const d=_tpt.addContainer({tag:"sr7-prl",class:`${t} ${s}`});return o.append(d),d}}},SR7.preLoader={show:(t,e)=>{"off"!==(SR7.M[t]?.settings?.pLoader?.type??"off")&&_tpt.preloader.show(e||SR7.M[t].c.module,SR7.M[t]?.settings?.pLoader??{color:"#fff",type:10})},hide:(t,e)=>{"off"!==(SR7.M[t]?.settings?.pLoader?.type??"off")&&_tpt.preloader.hide(e||SR7.M[t].c.module)},state:(t,e)=>_tpt.preloader.state(e||SR7.M[t].c.module)},_tpt.prepareModuleHeight=function(t){window.SR7.M??={},window.SR7.M[t.id]??={},"ignore"==t.googleFont&&(SR7.E.ignoreGoogleFont=!0);let e=window.SR7.M[t.id];if(null==_tpt.scrollBarW&&_tpt.mesureScrollBar(),e.c??={},e.states??={},e.settings??={},e.settings.size??={},t.fixed&&(e.settings.fixed=!0),e.c.module=document.getElementById(t.id),e.c.adjuster=e.c.module.getElementsByTagName("sr7-adjuster")[0],e.c.content=e.c.module.getElementsByTagName("sr7-content")[0],"carousel"==t.type&&(e.c.carousel=e.c.content.getElementsByTagName("sr7-carousel")[0]),null==e.c.module||null==e.c.module)return;t.plType&&t.plColor&&(e.settings.pLoader={type:t.plType,color:t.plColor}),void 0!==t.plType&&"off"!==t.plType&&SR7.preLoader.show(t.id,e.c.module),_tpt.winW||_tpt.getWinDim("prepare"),_tpt.getWinDim();let s=""+e.c.module.dataset?.modal;"modal"==s||"true"==s||"undefined"!==s&&"false"!==s||(e.settings.size.fullWidth=t.size.fullWidth,e.LEV??=_tpt.getResponsiveLevel(window.SR7.G.breakPoints,t.id),t.vpt=_tpt.fillArray(t.vpt,5),e.settings.vPort=t.vpt[e.LEV],void 0!==t.el&&"720"==t.el[4]&&t.gh[4]!==t.el[4]&&"960"==t.el[3]&&t.gh[3]!==t.el[3]&&"768"==t.el[2]&&t.gh[2]!==t.el[2]&&delete t.el,e.settings.size.height=null==t.el||null==t.el[e.LEV]||0==t.el[e.LEV]||"auto"==t.el[e.LEV]?_tpt.fillArray(t.gh,5,-1):_tpt.fillArray(t.el,5,-1),e.settings.size.width=_tpt.fillArray(t.gw,5,-1),e.settings.size.minHeight=_tpt.fillArray(t.mh??[0],5,-1),e.cacheSize={fullWidth:e.settings.size?.fullWidth,fullHeight:e.settings.size?.fullHeight},void 0!==t.off&&(t.off?.t&&(e.settings.size.m??={})&&(e.settings.size.m.t=t.off.t),t.off?.b&&(e.settings.size.m??={})&&(e.settings.size.m.b=t.off.b),t.off?.l&&(e.settings.size.p??={})&&(e.settings.size.p.l=t.off.l),t.off?.r&&(e.settings.size.p??={})&&(e.settings.size.p.r=t.off.r),e.offsetPrepared=!0),_tpt.updatePMHeight(t.id,t,!0))},_tpt.updatePMHeight=(t,e,s)=>{let n=SR7.M[t];var i=n.settings.size.fullWidth?_tpt.winW:n.c.module.parentNode.offsetWidth;i=0===i||isNaN(i)?_tpt.winW:i;let l=n.settings.size.width[n.LEV]||n.settings.size.width[n.LEV++]||n.settings.size.width[n.LEV--]||i,o=n.settings.size.height[n.LEV]||n.settings.size.height[n.LEV++]||n.settings.size.height[n.LEV--]||0,r=n.settings.size.minHeight[n.LEV]||n.settings.size.minHeight[n.LEV++]||n.settings.size.minHeight[n.LEV--]||0;if(o="auto"==o?0:o,o=parseInt(o),"carousel"!==e.type&&(i-=parseInt(e.onw??0)||0),n.MP=!n.settings.size.fullWidth&&i<l||_tpt.winW<l?Math.min(1,i/l):1,e.size.fullScreen||e.size.fullHeight){let t=parseInt(e.fho)||0,s=(""+e.fho).indexOf("%")>-1;e.newh=_tpt.winH-(s?_tpt.winH*t/100:t)}else e.newh=n.MP*Math.max(o,r);if(e.newh+=(parseInt(e.onh??0)||0)+(parseInt(e.carousel?.pt)||0)+(parseInt(e.carousel?.pb)||0),void 0!==e.slideduration&&(e.newh=Math.max(e.newh,parseInt(e.slideduration)/3)),e.shdw&&_tpt.buildShadow(e.id,e),n.c.adjuster.style.height=e.newh+"px",n.c.module.style.height=e.newh+"px",n.c.content.style.height=e.newh+"px",n.states.heightPrepared=!0,n.dims??={},n.dims.moduleRect=n.c.module.getBoundingClientRect(),n.c.content.style.left="-"+n.dims.moduleRect.left+"px",!n.settings.size.fullWidth)return s&&requestAnimationFrame((()=>{i!==n.c.module.parentNode.offsetWidth&&_tpt.updatePMHeight(e.id,e)})),void _tpt.bgStyle(e.id,e,window.innerWidth==_tpt.winW,!0);_tpt.bgStyle(e.id,e,window.innerWidth==_tpt.winW,!0),requestAnimationFrame((function(){s&&requestAnimationFrame((()=>{i!==n.c.module.parentNode.offsetWidth&&_tpt.updatePMHeight(e.id,e)}))})),n.earlyResizerFunction||(n.earlyResizerFunction=function(){requestAnimationFrame((function(){_tpt.getWinDim(),_tpt.moduleDefaults(e.id,e),_tpt.updateSlideBg(t,!0)}))},window.addEventListener("resize",n.earlyResizerFunction))},_tpt.buildShadow=function(t,e){let s=SR7.M[t];null==s.c.shadow&&(s.c.shadow=document.createElement("sr7-module-shadow"),s.c.shadow.classList.add("sr7-shdw-"+e.shdw),s.c.content.appendChild(s.c.shadow))},_tpt.bgStyle=async(t,e,s,n,i)=>{const l=SR7.M[t];if((e=e??l.settings).fixed&&!l.c.module.classList.contains("sr7-top-fixed")&&(l.c.module.classList.add("sr7-top-fixed"),l.c.module.style.position="fixed",l.c.module.style.width="100%",l.c.module.style.top="0px",l.c.module.style.left="0px",l.c.module.style.pointerEvents="none",l.c.module.style.zIndex=5e3,l.c.content.style.pointerEvents="none"),null==l.c.bgcanvas){let t=document.createElement("sr7-module-bg"),o=!1;if("string"==typeof e?.bg?.color&&e?.bg?.color.includes("{"))if(_tpt.gradient&&_tpt.gsap)e.bg.color=_tpt.gradient.convert(e.bg.color);else try{let t=JSON.parse(e.bg.color);(t?.orig||t?.string)&&(e.bg.color=JSON.parse(e.bg.color))}catch(t){return}let r="string"==typeof e?.bg?.color?e?.bg?.color||"transparent":e?.bg?.color?.string??e?.bg?.color?.orig??e?.bg?.color?.color??"transparent";if(t.style["background"+(String(r).includes("grad")?"":"Color")]=r,("transparent"!==r||i)&&(o=!0),l.offsetPrepared&&(t.style.visibility="hidden"),e?.bg?.image?.src&&(t.style.backgroundImage=`url(${e?.bg?.image.src})`,t.style.backgroundSize=""==(e.bg.image?.size??"")?"cover":e.bg.image.size,t.style.backgroundPosition=e.bg.image.position,t.style.backgroundRepeat=""==e.bg.image.repeat||null==e.bg.image.repeat?"no-repeat":e.bg.image.repeat,o=!0),!o)return;l.c.bgcanvas=t,e.size.fullWidth?t.style.width=_tpt.winW-(s&&_tpt.winH<document.body.offsetHeight?_tpt.scrollBarW:0)+"px":n&&(t.style.width=l.c.module.offsetWidth+"px"),e.sbt?.use?l.c.content.appendChild(l.c.bgcanvas):l.c.module.appendChild(l.c.bgcanvas)}l.c.bgcanvas.style.height=void 0!==e.newh?e.newh+"px":("carousel"==e.type?l.dims.module.h:l.dims.content.h)+"px",l.c.bgcanvas.style.left=!s&&e.sbt?.use||l.c.bgcanvas.closest("SR7-CONTENT")?"0px":"-"+(l?.dims?.moduleRect?.left??0)+"px"},_tpt.updateSlideBg=function(t,e){const s=SR7.M[t];let n=s.settings;s?.c?.bgcanvas&&(n.size.fullWidth?s.c.bgcanvas.style.width=_tpt.winW-(e&&_tpt.winH<document.body.offsetHeight?_tpt.scrollBarW:0)+"px":preparing&&(s.c.bgcanvas.style.width=s.c.module.offsetWidth+"px"))},_tpt.moduleDefaults=(t,e)=>{let s=SR7.M[t];null!=s&&null!=s.c&&null!=s.c.module&&(s.dims??={},s.dims.moduleRect=s.c.module.getBoundingClientRect(),s.c.content.style.left="-"+s.dims.moduleRect.left+"px",s.c.content.style.width=_tpt.winW-_tpt.scrollBarW+"px","carousel"==e.type&&(s.c.module.style.overflow="visible"),_tpt.bgStyle(t,e,window.innerWidth==_tpt.winW))},_tpt.getOffset=t=>{var e=t.getBoundingClientRect(),s=window.pageXOffset||document.documentElement.scrollLeft,n=window.pageYOffset||document.documentElement.scrollTop;return{top:e.top+n,left:e.left+s}},_tpt.fillArray=function(t,e){let s,n;t=Array.isArray(t)?t:[t];let i=Array(e),l=t.length;for(n=0;n<t.length;n++)i[n+(e-l)]=t[n],null==s&&"#"!==t[n]&&(s=t[n]);for(let t=0;t<e;t++)void 0!==i[t]&&"#"!=i[t]||(i[t]=s),s=i[t];return i},_tpt.closestGE=function(t,e){let s=Number.MAX_VALUE,n=-1;for(let i=0;i<t.length;i++)t[i]-1>=e&&t[i]-1-e<s&&(s=t[i]-1-e,n=i);return++n}}();</script>
<style id="wp-custom-css">
.product_meta .sku{
color:#CF0B37
}
.grecaptcha-badge {
visibility: hidden !important;
}
.scrollToTop {
right: 28px;
bottom: 80px;
}
/* mobile menu button style */
@media only screen and (min-width: 1024px) {
.desktop-hide {
display: none !important;
}
}
.btn-style-menu a{
background-color: rgba(207, 11, 55, 1);
color: #ffffff !important;
margin-left: 20px;
margin-right: 20px;
padding: 10px !important;
margin-top: 15px;
margin-bottom: 15px;
}
</style>
<style>
</style> <style id="wd-style-theme_settings_default-css" data-type="wd-style-theme_settings_default">
@font-face {
font-weight: normal;
font-style: normal;
font-family: "woodmart-font";
src: url("//eonhk.com/wp-content/themes/woodmart/fonts/woodmart-font-1-400.woff2?v=8.0.4") format("woff2");
}
@font-face {
font-family: "star";
font-weight: 400;
font-style: normal;
src: url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.eot?#iefix") format("embedded-opentype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.woff") format("woff"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.ttf") format("truetype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.svg#star") format("svg");
}
@font-face {
font-family: "WooCommerce";
font-weight: 400;
font-style: normal;
src: url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.eot?#iefix") format("embedded-opentype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.woff") format("woff"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.ttf") format("truetype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.svg#WooCommerce") format("svg");
}
:root {
--wd-text-font: "Lato", Arial, Helvetica, sans-serif;
--wd-text-font-weight: 400;
--wd-text-color: #777777;
--wd-text-font-size: 14px;
--wd-title-font: "Poppins", Arial, Helvetica, sans-serif;
--wd-title-font-weight: 600;
--wd-title-color: #242424;
--wd-entities-title-font: "Poppins", Arial, Helvetica, sans-serif;
--wd-entities-title-font-weight: 500;
--wd-entities-title-color: #333333;
--wd-entities-title-color-hover: rgb(51 51 51 / 65%);
--wd-alternative-font: "Lato", Arial, Helvetica, sans-serif;
--wd-widget-title-font: "Poppins", Arial, Helvetica, sans-serif;
--wd-widget-title-font-weight: 600;
--wd-widget-title-transform: uppercase;
--wd-widget-title-color: #333;
--wd-widget-title-font-size: 16px;
--wd-header-el-font: "Lato", Arial, Helvetica, sans-serif;
--wd-header-el-font-weight: 700;
--wd-header-el-transform: uppercase;
--wd-header-el-font-size: 13px;
--wd-primary-color: rgb(207,11,55);
--wd-alternative-color: #fbbc34;
--wd-link-color: rgb(51,51,51);
--wd-link-color-hover: #242424;
--btn-default-bgcolor: #f7f7f7;
--btn-default-bgcolor-hover: #efefef;
--btn-accented-bgcolor: #83b735;
--btn-accented-bgcolor-hover: #74a32f;
--wd-form-brd-width: 2px;
--notices-success-bg: #459647;
--notices-success-color: #fff;
--notices-warning-bg: #E0B252;
--notices-warning-color: #fff;
}
.wd-popup.wd-age-verify {
--wd-popup-width: 500px;
}
.wd-popup.wd-promo-popup {
background-color: #111111;
background-image: url(https://eonhk.com/wp-content/uploads/2021/08/promo-popup.jpg);
background-repeat: no-repeat;
background-size: cover;
background-position: center center;
--wd-popup-width: 800px;
}
.woodmart-woocommerce-layered-nav .wd-scroll-content {
max-height: 223px;
}
.wd-page-title {
background-color: #0a0a0a;
background-image: url(https://eonhk.com/wp-content/uploads/2024/09/Banner-012.jpg);
background-size: cover;
background-position: center center;
}
.wd-footer {
background-color: #ffffff;
background-image: none;
}
html .product-image-summary-wrap .product_title, html .wd-single-title .product_title {
font-weight: 600;
}
.wd-popup.popup-quick-view {
--wd-popup-width: 920px;
}
:root{
--wd-container-w: 1222px;
--wd-form-brd-radius: 0px;
--btn-default-color: #333;
--btn-default-color-hover: #333;
--btn-accented-color: #fff;
--btn-accented-color-hover: #fff;
--btn-default-brd-radius: 0px;
--btn-default-box-shadow: none;
--btn-default-box-shadow-hover: none;
--btn-default-box-shadow-active: none;
--btn-default-bottom: 0px;
--btn-accented-bottom-active: -1px;
--btn-accented-brd-radius: 0px;
--btn-accented-box-shadow: inset 0 -2px 0 rgba(0, 0, 0, .15);
--btn-accented-box-shadow-hover: inset 0 -2px 0 rgba(0, 0, 0, .15);
--wd-brd-radius: 0px;
}
@media (min-width: 1239px) {
.platform-Windows .wd-section-stretch > .elementor-container {
margin-left: auto;
margin-right: auto;
}
}
@media (min-width: 1222px) {
html:not(.platform-Windows) .wd-section-stretch > .elementor-container {
margin-left: auto;
margin-right: auto;
}
}
.product-information .product-rating-price
{
color: rgb(207, 11, 55);
}
.wd-product-sku span
{
color: rgb(207, 11, 55);
} </style>
<link rel='stylesheet' id='wc-stripe-blocks-checkout-style-css' href='https://eonhk.com/wp-content/plugins/woocommerce-gateway-stripe/build/upe-blocks.css?ver=9814412f6c2f8f8de894fcfd6ce47665' media='all' />
<link rel='stylesheet' id='widget-image-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.26.0' media='all' />
<link rel='stylesheet' id='widget-image-gallery-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/widget-image-gallery.min.css?ver=3.26.0' media='all' />
<link rel='stylesheet' id='swiper-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5' media='all' />
<link rel='stylesheet' id='e-swiper-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/conditionals/e-swiper.min.css?ver=3.26.0' media='all' />
</head>
<body class="home wp-singular page-template-default page page-id-18 wp-theme-woodmart theme-woodmart woocommerce-no-js wrapper-full-width categories-accordion-on woodmart-ajax-shop-on elementor-default elementor-kit-6 elementor-page elementor-page-18">
<script type="text/javascript" id="wd-flicker-fix">// Flicker fix.</script>
<div class="wd-page-wrapper website-wrapper">
<header class="whb-header whb-header_153799 whb-sticky-shadow whb-scroll-stick whb-sticky-real whb-hide-on-scroll">
<div class="whb-main-header">
<div class="whb-row whb-top-bar whb-not-sticky-row whb-with-bg whb-without-border whb-color-light whb-flex-flex-middle">
<div class="container">
<div class="whb-flex-row whb-top-bar-inner">
<div class="whb-column whb-col-left whb-visible-lg">
<div id="" class=" wd-social-icons wd-style-default social-follow wd-shape-circle whb-43k0qayz7gg36f2jmmhk color-scheme-light text-center">
<a rel="noopener noreferrer nofollow" href="https://www.facebook.com/eoneventservicesltd" target="_blank" class=" wd-social-icon social-facebook" aria-label="Facebook social link">
<span class="wd-icon"></span>
</a>
<a rel="noopener noreferrer nofollow" href="https://www.instagram.com/eoneventservicesltd/" target="_blank" class=" wd-social-icon social-instagram" aria-label="Instagram social link">
<span class="wd-icon"></span>
</a>
</div>
</div>
<div class="whb-column whb-col-center whb-visible-lg whb-empty-column">
</div>
<div class="whb-column whb-col-right whb-visible-lg">
<div class="wd-header-divider wd-full-height whb-aik22afewdiur23h71ba"></div>
<div class="wd-header-text reset-last-child ">Tel:<a href="tel:+85235682593"> +852 3568 2593</a></div>
<div class="wd-header-divider wd-full-height whb-hvo7pk2f543doxhr21h5"></div>
<div class="wd-header-text reset-last-child ">Email:<a href="mailto:[email protected]">[email protected]</a></div>
<div class="wd-header-divider wd-full-height whb-az2cvcuy0tgs2i5q3z1x"></div>
</div>
<div class="whb-column whb-col-mobile whb-hidden-lg">
<div id="" class=" wd-social-icons wd-style-default social-follow wd-shape-circle whb-vmlw3iqy1i9gf64uk7of color-scheme-light text-center">
<a rel="noopener noreferrer nofollow" href="https://www.facebook.com/eoneventservicesltd" target="_blank" class=" wd-social-icon social-facebook" aria-label="Facebook social link">
<span class="wd-icon"></span>
</a>
<a rel="noopener noreferrer nofollow" href="https://www.instagram.com/eoneventservicesltd/" target="_blank" class=" wd-social-icon social-instagram" aria-label="Instagram social link">
<span class="wd-icon"></span>
</a>
</div>
</div>
</div>
</div>
</div>
<div class="whb-row whb-general-header whb-sticky-row whb-without-bg whb-border-fullwidth whb-color-dark whb-flex-flex-middle">
<div class="container">
<div class="whb-flex-row whb-general-header-inner">
<div class="whb-column whb-col-left whb-visible-lg">
<div class="site-logo wd-switch-logo">
<a href="https://eonhk.com/" class="wd-logo wd-main-logo" rel="home" aria-label="Site logo">
<img width="300" height="170" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png" class="attachment-full size-full" alt="" style="max-width:160px;" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w" sizes="(max-width: 300px) 100vw, 300px" /> </a>
<a href="https://eonhk.com/" class="wd-logo wd-sticky-logo" rel="home">
<img width="300" height="170" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png" class="attachment-full size-full" alt="" style="max-width:100px;" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w" sizes="(max-width: 300px) 100vw, 300px" /> </a>
</div>
</div>
<div class="whb-column whb-col-center whb-visible-lg">
<div class="wd-search-form wd-header-search-form wd-display-form whb-9x1ytaxq7aphtb3npidp">
<form role="search" method="get" class="searchform wd-with-cat wd-style-default wd-cat-style-bordered woodmart-ajax-search" action="https://eonhk.com/" data-thumbnail="1" data-price="1" data-post_type="product" data-count="20" data-sku="0" data-symbols_count="3">
<input type="text" class="s" placeholder="Search for products" value="" name="s" aria-label="Search" title="Search for products" required/>
<input type="hidden" name="post_type" value="product">
<div class="wd-search-cat wd-scroll">
<input type="hidden" name="product_cat" value="0">
<a href="#" rel="nofollow" data-val="0">
<span>
Select category </span>
</a>
<div class="wd-dropdown wd-dropdown-search-cat wd-dropdown-menu wd-scroll-content wd-design-default">
<ul class="wd-sub-menu">
<li style="display:none;"><a href="#" data-val="0">Select category</a></li>
<li class="cat-item cat-item-211"><a class="pf-value" href="https://eonhk.com/product-category/3d-printing/" data-val="3d-printing" data-title="3D Printing" >3D Printing</a>
</li>
<li class="cat-item cat-item-20"><a class="pf-value" href="https://eonhk.com/product-category/av-items/" data-val="av-items" data-title="AV items" >AV items</a>
<ul class='children'>
<li class="cat-item cat-item-80"><a class="pf-value" href="https://eonhk.com/product-category/av-items/computer/" data-val="computer" data-title="Computer" >Computer</a>
</li>
<li class="cat-item cat-item-76"><a class="pf-value" href="https://eonhk.com/product-category/av-items/display-panel/" data-val="display-panel" data-title="Display Panel" >Display Panel</a>
</li>
<li class="cat-item cat-item-79"><a class="pf-value" href="https://eonhk.com/product-category/av-items/ipad/" data-val="ipad" data-title="iPad" >iPad</a>
</li>
<li class="cat-item cat-item-135"><a class="pf-value" href="https://eonhk.com/product-category/av-items/pa-system/" data-val="pa-system" data-title="PA System" >PA System</a>
</li>
<li class="cat-item cat-item-78"><a class="pf-value" href="https://eonhk.com/product-category/av-items/projector/" data-val="projector" data-title="Projector" >Projector</a>
</li>
<li class="cat-item cat-item-77"><a class="pf-value" href="https://eonhk.com/product-category/av-items/tv/" data-val="tv" data-title="TV" >TV</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-28"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/" data-val="backstage-equipment" data-title="Backstage Equipment" >Backstage Equipment</a>
<ul class='children'>
<li class="cat-item cat-item-180"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/fitting-room/" data-val="fitting-room" data-title="Fitting Room" >Fitting Room</a>
</li>
<li class="cat-item cat-item-179"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/hanging-rack/" data-val="hanging-rack" data-title="Hanging Rack" >Hanging Rack</a>
</li>
<li class="cat-item cat-item-178"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/mannequin/" data-val="mannequin" data-title="Mannequin" >Mannequin</a>
</li>
<li class="cat-item cat-item-177"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/mirror/" data-val="mirror" data-title="Mirror" >Mirror</a>
</li>
<li class="cat-item cat-item-182"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/partition/" data-val="partition" data-title="Partition" >Partition</a>
</li>
<li class="cat-item cat-item-181"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/pipe-drape/" data-val="pipe-drape" data-title="Pipe & Drape" >Pipe & Drape</a>
</li>
<li class="cat-item cat-item-183"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/plant/" data-val="plant" data-title="Plant" >Plant</a>
</li>
<li class="cat-item cat-item-184"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/stage-materials/" data-val="stage-materials" data-title="Stage Materials" >Stage Materials</a>
<ul class='children'>
<li class="cat-item cat-item-86"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/stage-materials/podium/" data-val="podium" data-title="Podium" >Podium</a>
</li>
<li class="cat-item cat-item-159"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/stage-materials/stage/" data-val="stage" data-title="Stage" >Stage</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="cat-item cat-item-29"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" data-val="barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c" data-title="Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌" >Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌</a>
<ul class='children'>
<li class="cat-item cat-item-137"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/barricade/" data-val="barricade" data-title="Barricade" >Barricade</a>
</li>
<li class="cat-item cat-item-139"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/barrier/" data-val="barrier" data-title="Barrier" >Barrier</a>
</li>
<li class="cat-item cat-item-138"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/signage/" data-val="signage" data-title="Signage" >Signage</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-225"><a class="pf-value" href="https://eonhk.com/product-category/bookable/" data-val="bookable" data-title="Bookable" >Bookable</a>
</li>
<li class="cat-item cat-item-226"><a class="pf-value" href="https://eonhk.com/product-category/booth-design/" data-val="booth-design" data-title="Booth Design & Production" >Booth Design & Production</a>
</li>
<li class="cat-item cat-item-195"><a class="pf-value" href="https://eonhk.com/product-category/brochure-rack/" data-val="brochure-rack" data-title="Brochure Rack & Display Rack" >Brochure Rack & Display Rack</a>
</li>
<li class="cat-item cat-item-53"><a class="pf-value" href="https://eonhk.com/product-category/coolers/" data-val="coolers" data-title="Cooler & Heater" >Cooler & Heater</a>
<ul class='children'>
<li class="cat-item cat-item-92"><a class="pf-value" href="https://eonhk.com/product-category/coolers/cooler/" data-val="cooler" data-title="Cooler" >Cooler</a>
</li>
<li class="cat-item cat-item-93"><a class="pf-value" href="https://eonhk.com/product-category/coolers/fan/" data-val="fan" data-title="Fan" >Fan</a>
</li>
<li class="cat-item cat-item-94"><a class="pf-value" href="https://eonhk.com/product-category/coolers/gas-heater/" data-val="gas-heater" data-title="Gas Heater" >Gas Heater</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-42"><a class="pf-value" href="https://eonhk.com/product-category/display-fridge-freezer/" data-val="display-fridge-freezer" data-title="Display Fridge & Freezer" >Display Fridge & Freezer</a>
<ul class='children'>
<li class="cat-item cat-item-190"><a class="pf-value" href="https://eonhk.com/product-category/display-fridge-freezer/display-fridge/" data-val="display-fridge" data-title="Display Fridge" >Display Fridge</a>
</li>
<li class="cat-item cat-item-191"><a class="pf-value" href="https://eonhk.com/product-category/display-fridge-freezer/freezer/" data-val="freezer" data-title="Freezer" >Freezer</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-71"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/" data-val="electric-equipment" data-title="Electric Equipment" >Electric Equipment</a>
<ul class='children'>
<li class="cat-item cat-item-185"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/coffee-machin/" data-val="coffee-machin" data-title="Coffee Machin" >Coffee Machin</a>
</li>
<li class="cat-item cat-item-186"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/oven/" data-val="oven" data-title="Oven" >Oven</a>
</li>
<li class="cat-item cat-item-188"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/printer/" data-val="printer" data-title="Printer" >Printer</a>
</li>
<li class="cat-item cat-item-189"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/shredder/" data-val="shredder" data-title="Shredder" >Shredder</a>
</li>
<li class="cat-item cat-item-187"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/water-dispenser/" data-val="water-dispenser" data-title="Water Dispenser" >Water Dispenser</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-72"><a class="pf-value" href="https://eonhk.com/product-category/furniture/" data-val="furniture" data-title="Furniture 傢俬" >Furniture 傢俬</a>
<ul class='children'>
<li class="cat-item cat-item-166"><a class="pf-value" href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" data-val="chair-%e6%a4%85%e5%ad%90" data-title="Chair 椅子" >Chair 椅子</a>
</li>
<li class="cat-item cat-item-212"><a class="pf-value" href="https://eonhk.com/product-category/furniture/kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac/" data-val="kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac" data-title="Kids 兒童傢俬" >Kids 兒童傢俬</a>
</li>
<li class="cat-item cat-item-209"><a class="pf-value" href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" data-val="outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac" data-title="Outdoor 戶外傢俬" >Outdoor 戶外傢俬</a>
</li>
<li class="cat-item cat-item-167"><a class="pf-value" href="https://eonhk.com/product-category/furniture/sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc/" data-val="sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc" data-title="Sofa 梳化沙發" >Sofa 梳化沙發</a>
</li>
<li class="cat-item cat-item-168"><a class="pf-value" href="https://eonhk.com/product-category/furniture/stool-%e5%90%a7%e6%a4%85/" data-val="stool-%e5%90%a7%e6%a4%85" data-title="Stool 吧椅" >Stool 吧椅</a>
</li>
<li class="cat-item cat-item-169"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/" data-val="table-%e6%a1%8c%e5%ad%90" data-title="Table 桌子" >Table 桌子</a>
<ul class='children'>
<li class="cat-item cat-item-170"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c/" data-val="coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c" data-title="Coffee Table 咖啡台桌" >Coffee Table 咖啡台桌</a>
</li>
<li class="cat-item cat-item-173"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c/" data-val="dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c" data-title="Dinning Table/Meeting Table 餐台桌/會議台桌" >Dinning Table/Meeting Table 餐台桌/會議台桌</a>
</li>
<li class="cat-item cat-item-175"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c/" data-val="high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c" data-title="High Table 吧台桌" >High Table 吧台桌</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="cat-item cat-item-162"><a class="pf-value" href="https://eonhk.com/product-category/game-booth/" data-val="game-booth" data-title="Game Booth" >Game Booth</a>
</li>
<li class="cat-item cat-item-176"><a class="pf-value" href="https://eonhk.com/product-category/illuminated-led-funiture1/" data-val="illuminated-led-funiture1" data-title="Illuminated / LED Funiture" >Illuminated / LED Funiture</a>
</li>
<li class="cat-item cat-item-198"><a class="pf-value" href="https://eonhk.com/product-category/marquee/" data-val="marquee" data-title="Marquee & Umbrella" >Marquee & Umbrella</a>
</li>
<li class="cat-item cat-item-161"><a class="pf-value" href="https://eonhk.com/product-category/outdoor-items/" data-val="outdoor-items" data-title="Outdoor Items" >Outdoor Items</a>
</li>
<li class="cat-item cat-item-75"><a class="pf-value" href="https://eonhk.com/product-category/whiteboard-flipchart-locker-bin/" data-val="whiteboard-flipchart-locker-bin" data-title="Whiteboard, flipchart , Locker & Bin" >Whiteboard, flipchart , Locker & Bin</a>
</li>
</ul>
</div>
</div>
<button type="submit" class="searchsubmit">
<span>
Search </span>
</button>
</form>
<div class="search-results-wrapper">
<div class="wd-dropdown-results wd-scroll wd-dropdown">
<div class="wd-scroll-content"></div>
</div>
</div>
</div>
</div>
<div class="whb-column whb-col-right whb-visible-lg">
<div class="whb-space-element " style="width:15px;"></div> <link rel="stylesheet" id="wd-header-my-account-dropdown-css" href="https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-my-account-dropdown.min.css?ver=8.0.4" type="text/css" media="all" /> <link rel="stylesheet" id="wd-woo-mod-login-form-css" href="https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-login-form.min.css?ver=8.0.4" type="text/css" media="all" /> <div class="wd-header-my-account wd-tools-element wd-event-hover wd-design-1 wd-account-style-icon whb-cbbp7oczk2t6id6bfv12">
<a href="https://eonhk.com/my-account/" title="My account">
<span class="wd-tools-icon">
</span>
<span class="wd-tools-text">
Login / Register </span>
</a>
<div class="wd-dropdown wd-dropdown-register">
<div class="login-dropdown-inner woocommerce">
<span class="wd-heading"><span class="title">Sign in</span><a class="create-account-link" href="https://eonhk.com/my-account/?action=register">Create an Account</a></span>
<form method="post" class="login woocommerce-form woocommerce-form-login
" action="https://eonhk.com/my-account/" >
<p class="woocommerce-FormRow woocommerce-FormRow--wide form-row form-row-wide form-row-username">
<label for="username">Username or email address <span class="required" aria-hidden="true">*</span><span class="screen-reader-text">Required</span></label>
<input type="text" class="woocommerce-Input woocommerce-Input--text input-text" name="username" id="username" value="" /> </p>
<p class="woocommerce-FormRow woocommerce-FormRow--wide form-row form-row-wide form-row-password">
<label for="password">Password <span class="required" aria-hidden="true">*</span><span class="screen-reader-text">Required</span></label>
<input class="woocommerce-Input woocommerce-Input--text input-text" type="password" name="password" id="password" autocomplete="current-password" />
</p>
<div class="g-recaptcha" data-sitekey="6LciDGUrAAAAAC9QtYvFqb8N9bdk3rzd5J7pGDCp"></div>
<br/>
<p class="form-row">
<input type="hidden" id="woocommerce-login-nonce" name="woocommerce-login-nonce" value="4c1e1b9c2b" /><input type="hidden" name="_wp_http_referer" value="/" /> <button type="submit" class="button woocommerce-button woocommerce-form-login__submit" name="login" value="Log in">Log in</button>
</p>
<p class="login-form-footer">
<a href="https://eonhk.com/my-account/lost-password/" class="woocommerce-LostPassword lost_password">Lost your password?</a>
<label class="woocommerce-form__label woocommerce-form__label-for-checkbox woocommerce-form-login__rememberme">
<input class="woocommerce-form__input woocommerce-form__input-checkbox" name="rememberme" type="checkbox" value="forever" title="Remember me" aria-label="Remember me" /> <span>Remember me</span>
</label>
</p>
</form>
</div>
</div>
</div>
<div class="wd-header-wishlist wd-tools-element wd-style-icon wd-with-count wd-design-2 whb-a22wdkiy3r40yw2paskq" title="My Wishlist">
<a href="https://eonhk.com/wishlist/" title="Wishlist products">
<span class="wd-tools-icon">
<span class="wd-tools-count">
0 </span>
</span>
<span class="wd-tools-text">
Wishlist </span>
</a>
</div>
<div class="wd-header-compare wd-tools-element wd-style-icon wd-with-count wd-design-2 whb-p2jvs451wo69tpw9jy4t">
<a href="https://eonhk.com/compare/" title="Compare products">
<span class="wd-tools-icon">
<span class="wd-tools-count">0</span>
</span>
<span class="wd-tools-text">
Compare </span>
</a>
</div>
<div class="wd-header-cart wd-tools-element wd-design-6 cart-widget-opener wd-style-icon whb-1nxrsjy8zgrjx06ymr5e">
<a href="https://eonhk.com/cart/" title="Shopping cart">
<span class="wd-tools-icon">
<span class="wd-cart-number wd-tools-count">0 <span>items</span></span>
</span>
<span class="wd-tools-text">
<span class="wd-cart-subtotal"><span class="woocommerce-Price-amount amount"><bdi><span class="woocommerce-Price-currencySymbol">$</span>0.00</bdi></span></span>
</span>
</a>
</div>
</div>
<div class="whb-column whb-mobile-left whb-hidden-lg">
<div class="wd-tools-element wd-header-mobile-nav wd-style-icon wd-design-1 whb-g1k0m1tib7raxrwkm1t3">
<a href="#" rel="nofollow" aria-label="Open mobile menu">
<span class="wd-tools-icon">
</span>
<span class="wd-tools-text">Menu</span>
</a>
</div></div>
<div class="whb-column whb-mobile-center whb-hidden-lg">
<div class="site-logo">
<a href="https://eonhk.com/" class="wd-logo wd-main-logo" rel="home" aria-label="Site logo">
<img width="300" height="170" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png" class="attachment-full size-full" alt="" style="max-width:81px;" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w" sizes="(max-width: 300px) 100vw, 300px" /> </a>
</div>
</div>
<div class="whb-column whb-mobile-right whb-hidden-lg whb-empty-column">
</div>
</div>
</div>
</div>
<div class="whb-row whb-header-bottom whb-sticky-row whb-without-bg whb-border-fullwidth whb-color-dark whb-hidden-mobile whb-flex-flex-middle">
<div class="container">
<div class="whb-flex-row whb-header-bottom-inner">
<div class="whb-column whb-col-left whb-visible-lg">
<div class="wd-header-cats wd-style-1 whb-wjlcubfdmlq3d7jvmt23" role="navigation" aria-label="Header categories navigation">
<span class="menu-opener color-scheme-light">
<span class="menu-opener-icon"></span>
<span class="menu-open-label">
Browse Categories </span>
</span>
<div class="wd-dropdown wd-dropdown-cats wd-opened">
<ul id="menu-product-category" class="menu wd-nav wd-nav-vertical wd-design-default"><li id="menu-item-14074" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14074 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/3d-printing/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">3D Printing</span></a></li>
<li id="menu-item-14091" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14091 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/booth-design/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu.jpg 1080w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">Booth Design & Production</span></a></li>
<li id="menu-item-10452" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10452 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/game-booth/" class="woodmart-nav-link"><span class="nav-link-text">Game Booth</span></a></li>
<li id="menu-item-10449" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10449 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/" class="woodmart-nav-link"><span class="nav-link-text">Furniture 傢俬</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10450" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10450 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link">Chair 椅子</a></li>
<li id="menu-item-11023" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11023 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Outdoor 戶外傢俬</a></li>
<li id="menu-item-10451" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10451 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc/" class="woodmart-nav-link">Sofa 梳化沙發</a></li>
<li id="menu-item-10475" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10475 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/stool-%e5%90%a7%e6%a4%85/" class="woodmart-nav-link">Stool 吧椅</a></li>
<li id="menu-item-10476" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10476 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/" class="woodmart-nav-link">Table 桌子</a>
<ul class="sub-sub-menu wd-dropdown">
<li id="menu-item-10465" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10465 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Coffee Table 咖啡台桌</a></li>
<li id="menu-item-10466" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10466 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Dinning Table/Meeting Table 餐台桌/會議台桌</a></li>
<li id="menu-item-10467" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10467 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">High Table 吧台桌</a></li>
</ul>
</li>
<li id="menu-item-11188" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11188 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Kids 兒童傢俬</a></li>
<li id="menu-item-11403" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11403 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/furniture-set-%e5%82%a2%e4%bf%ac%e7%b5%84%e5%90%88/" class="woodmart-nav-link">Furniture Set 傢俬組合</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10453" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10453 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/illuminated-led-funiture1/" class="woodmart-nav-link"><span class="nav-link-text">Illuminated / LED Funiture</span></a></li>
<li id="menu-item-10422" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10422 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/" class="woodmart-nav-link"><span class="nav-link-text">AV items</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10426" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10426 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/pa-system/" class="woodmart-nav-link">PA System</a></li>
<li id="menu-item-10424" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10424 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/display-panel/" class="woodmart-nav-link">Display Panel</a></li>
<li id="menu-item-10477" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10477 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/tv/" class="woodmart-nav-link">TV</a></li>
<li id="menu-item-10427" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10427 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/projector/" class="woodmart-nav-link">Projector</a></li>
<li id="menu-item-10425" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10425 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/ipad/" class="woodmart-nav-link">iPad</a></li>
<li id="menu-item-10423" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10423 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/computer/" class="woodmart-nav-link">Computer</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10428" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10428 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Backstage Equipment</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10429" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10429 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/fitting-room/" class="woodmart-nav-link">Fitting Room</a></li>
<li id="menu-item-10430" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10430 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/hanging-rack/" class="woodmart-nav-link">Hanging Rack</a></li>
<li id="menu-item-10431" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10431 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/mannequin/" class="woodmart-nav-link">Mannequin</a></li>
<li id="menu-item-10432" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10432 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/mirror/" class="woodmart-nav-link">Mirror</a></li>
<li id="menu-item-10433" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10433 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/partition/" class="woodmart-nav-link">Partition</a></li>
<li id="menu-item-10434" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10434 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/pipe-drape/" class="woodmart-nav-link">Pipe & Drape</a></li>
<li id="menu-item-10435" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10435 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/plant/" class="woodmart-nav-link">Plant</a></li>
<li id="menu-item-10474" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10474 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/" class="woodmart-nav-link">Stage Materials</a>
<ul class="sub-sub-menu wd-dropdown">
<li id="menu-item-10471" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10471 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/stage/" class="woodmart-nav-link">Stage</a></li>
<li id="menu-item-10470" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10470 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/podium/" class="woodmart-nav-link">Podium</a></li>
</ul>
</li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10454" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10454 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="woodmart-nav-link"><span class="nav-link-text">Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌</span></a></li>
<li id="menu-item-10437" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10437 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/display-fridge-freezer/" class="woodmart-nav-link"><span class="nav-link-text">Display Fridge & Freezer</span></a></li>
<li id="menu-item-10440" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10440 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/" class="woodmart-nav-link"><span class="nav-link-text">Cooler & Heater</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10441" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10441 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/cooler/" class="woodmart-nav-link">Cooler</a></li>
<li id="menu-item-10442" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10442 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/fan/" class="woodmart-nav-link">Fan</a></li>
<li id="menu-item-10443" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10443 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/gas-heater/" class="woodmart-nav-link">Gas Heater</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10444" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10444 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Electric Equipment</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10445" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10445 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/coffee-machin/" class="woodmart-nav-link">Coffee Machin</a></li>
<li id="menu-item-10446" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10446 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/oven/" class="woodmart-nav-link">Oven</a></li>
<li id="menu-item-10447" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10447 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/printer/" class="woodmart-nav-link">Printer</a></li>
<li id="menu-item-10448" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10448 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/shredder/" class="woodmart-nav-link">Shredder</a></li>
<li id="menu-item-10478" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10478 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/water-dispenser/" class="woodmart-nav-link">Water Dispenser</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10472" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10472 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/whiteboard-flipchart-locker-bin/" class="woodmart-nav-link"><span class="nav-link-text">Whiteboard, flipchart , Locker & Bin</span></a></li>
<li id="menu-item-10460" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10460 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/brochure-rack/" class="woodmart-nav-link"><span class="nav-link-text">Brochure Rack & Display Rack</span></a></li>
<li id="menu-item-10463" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10463 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/marquee/" class="woodmart-nav-link"><span class="nav-link-text">Marquee & Umbrella</span></a></li>
<li id="menu-item-13339" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-13339 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/bookable/" class="woodmart-nav-link"><span class="nav-link-text">Bookable</span></a></li>
</ul> </div>
</div>
</div>
<div class="whb-column whb-col-center whb-visible-lg">
<div class="wd-header-nav wd-header-main-nav text-left wd-design-1" role="navigation" aria-label="Main navigation">
<ul id="menu-mobile-navigation" class="menu wd-nav wd-nav-main wd-style-default wd-gap-s"><li id="menu-item-8450" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-home current-menu-item page_item page-item-18 current_page_item menu-item-8450 item-level-0 menu-mega-dropdown wd-event-hover" ><a href="https://eonhk.com/" class="woodmart-nav-link"><span class="nav-link-text">Home</span></a></li>
<li id="menu-item-8429" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8429 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/about-us/" class="woodmart-nav-link"><span class="nav-link-text">About Us</span></a></li>
<li id="menu-item-11208" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-11208 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link"><span class="nav-link-text">Products</span></a></li>
<li id="menu-item-8705" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8705 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/services/" class="woodmart-nav-link"><span class="nav-link-text">Services</span></a></li>
<li id="menu-item-11362" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-11362 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="#" class="woodmart-nav-link"><span class="nav-link-text">Solutions</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-11363" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11363 item-level-1 wd-event-hover" ><a href="https://eonhk.com/3d-printing/" class="woodmart-nav-link">3D Printing</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-8402" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8402 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/projects/" class="woodmart-nav-link"><span class="nav-link-text">Projects</span></a></li>
<li id="menu-item-8428" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8428 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/contact-us/" class="woodmart-nav-link"><span class="nav-link-text">Contact Us</span></a></li>
</ul></div>
</div>
<div class="whb-column whb-col-right whb-visible-lg">
<div id="wd-6a44fc2b49b36" class=" whb-zioafvqx8q83zdslj3ok wd-button-wrapper text-center"><a href="https://eonhk.com/wp-content/uploads/2024/12/EON_Catalogue_20241206.pdf" title="" target="_blank" style="--btn-color:#fff;--btn-color-hover:#fff;" class="btn btn-style-default btn-shape-semi-round btn-size-default">Download Catalog</a></div></div>
<div class="whb-column whb-col-mobile whb-hidden-lg whb-empty-column">
</div>
</div>
</div>
</div>
</div>
</header>
<div class="wd-page-content main-page-wrapper">
<main class="wd-content-layout content-layout-wrapper container" role="main">
<div class="wd-content-area site-content">
<article id="post-18" class="entry-content post-18 page type-page status-publish hentry">
<div data-elementor-type="wp-page" data-elementor-id="18" class="elementor elementor-18">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-32ec6ea5 wd-section-stretch-content elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="32ec6ea5" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-46b9639" data-id="46b9639" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-6962747f elementor-widget elementor-widget-slider_revolution" data-id="6962747f" data-element_type="widget" data-widget_type="slider_revolution.default">
<div class="elementor-widget-container">
<div class="wp-block-themepunch-revslider">
<p class="rs-p-wp-fix"></p>
<sr7-module data-alias="main-slider" data-id="1" id="woodmart-main-slider" class="rs-ov-hidden" data-version="6.7.20">
<sr7-adjuster></sr7-adjuster>
<sr7-content>
<sr7-slide id="woodmart-main-slider-1" data-key="1">
</sr7-slide>
<sr7-slide id="woodmart-main-slider-9" data-key="9">
</sr7-slide>
<sr7-slide id="woodmart-main-slider-3" data-key="3">
</sr7-slide>
<sr7-slide id="woodmart-main-slider-4" data-key="4">
</sr7-slide>
</sr7-content>
<image_lists style="display:none">
<img data-src="//eonhk.com/wp-content/uploads/2026/06/Website-Bannar.jpg" data-libid="14064" data-lib="medialibrary" title="Website Bannar" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjYvMDYvV2Vic2l0ZS1CYW5uYXIuanBn"/>
<img data-src="//eonhk.com/wp-content/uploads/2025/10/wwwwwww-1-02.jpg" data-libid="13607" data-lib="medialibrary" title="wwwwwww-1-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvd3d3d3d3dy0xLTAyLmpwZw=="/>
<img data-src="//eonhk.com/wp-content/uploads/2025/10/rwrwrw-02.jpg" data-libid="13606" data-lib="medialibrary" title="rwrwrw-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvcndyd3J3LTAyLmpwZw=="/>
<img loading="lazy" data-src="//eonhk.com/wp-content/uploads/2025/10/eeeee-02.jpg" data-libid="13605" data-lib="medialibrary" title="eeeee-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvZWVlZWUtMDIuanBn"/>
<img loading="lazy" data-src="//eonhk.com/wp-content/uploads/2025/10/fffff-1-02.jpg" data-libid="13604" data-lib="medialibrary" title="fffff-1-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvZmZmZmYtMS0wMi5qcGc="/>
</image_lists>
</sr7-module>
<script>
SR7.PMH ??={}; SR7.PMH["woodmart-main-slider"] = {cn:0,state:false,fn: function() { if (_tpt!==undefined && _tpt.prepareModuleHeight !== undefined) { _tpt.prepareModuleHeight({id:"woodmart-main-slider",el:[495,495,476,500,700],type:'standard',shdw:'0',gh:[495,495,476,500,700],gw:[1240,1240,1024,778,480],vpt:['20%','20%','20%','20%','20%'],size:{fullWidth:true, fullHeight:false},mh:'0',onh:0,onw:0,bg:{color:'{"type":"solid","orig":"#f8f8f8","string":"rgba(248, 248, 248, 1)"}'},plType:'0',plColor:'#FFFFFF'}); SR7.PMH["woodmart-main-slider"].state=true;} else if((SR7.PMH["woodmart-main-slider"].cn++)<100) setTimeout( SR7.PMH["woodmart-main-slider"].fn,19);}};SR7.PMH["woodmart-main-slider" ].fn();
</script>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-7048119e elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7048119e" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-130f8b91" data-id="130f8b91" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-549bfbfd wd-width-100 elementor-widget elementor-widget-wd_title" data-id="549bfbfd" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-medium text-center">
<div class="title-subtitle subtitle-color-default subtitle-style-default wd-fontsize-xs">
EON COLLECTIONS </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-xl">FEATURED CATEGORIES</h4>
</div>
<div class="title-after_title reset-last-child wd-fontsize-s">
Best Furniture and AV Equipment Rental Service. </div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-622e4d87 wd-width-100 wd-nav-accordion-mb-on elementor-widget elementor-widget-wd_product_categories" data-id="622e4d87" data-element_type="widget" data-widget_type="wd_product_categories.default">
<div class="elementor-widget-container">
<div class="wd-cats-element">
<div class="wd-masonry wd-grid-f-col wd-masonry-first wd-cats products woocommerce columns-4 elements-grid" style="--wd-col-lg:4;--wd-col-md:4;--wd-col-sm:2;--wd-gap-lg:20px;--wd-gap-sm:10px;">
<div class="wd-col wd-wider category-grid-item wd-cat cat-design-center wd-with-subcat product-category product first" data-loop="1">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="1200" height="1200" src="https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg" class="attachment-full size-full" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-700x700.jpg 700w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Outdoor 戶外傢俬 <mark class="count">(50)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/">
50 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="category-link wd-fill" aria-label="Product category outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product" data-loop="2">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/furniture/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/09/SF66r-800x800.png" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF66r-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF66r.png 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Furniture 傢俬 <mark class="count">(548)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/furniture/">
548 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/furniture/" class="category-link wd-fill" aria-label="Product category furniture"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product" data-loop="3">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/coolers/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/09/MS94e-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS94e-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS94e.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Cooler & Heater <mark class="count">(9)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/coolers/">
9 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/coolers/" class="category-link wd-fill" aria-label="Product category coolers"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product last" data-loop="4">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/10/Line-up-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/10/Line-up-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-860x860.jpg 860w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/10/Line-up.jpg 1180w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌 <mark class="count">(23)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/">
23 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="category-link wd-fill" aria-label="Product category barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product first" data-loop="5">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/backstage-equipment/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="781" height="800" src="https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-781x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-781x800.jpg 781w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-293x300.jpg 293w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-768x787.jpg 768w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-700x717.jpg 700w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-150x154.jpg 150w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category.jpg 1037w" sizes="(max-width: 781px) 100vw, 781px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Backstage Equipment <mark class="count">(28)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/backstage-equipment/">
28 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/backstage-equipment/" class="category-link wd-fill" aria-label="Product category backstage-equipment"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4304911 wd-section-stretch elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4304911" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-17985c08" data-id="17985c08" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-5ce21e0f wd-width-100 elementor-widget elementor-widget-wd_title" data-id="5ce21e0f" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-medium text-center">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-xl">Hot Items</h4>
</div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-f9c2972 elementor-widget elementor-widget-wd_products_tabs" data-id="f9c2972" data-element_type="widget" data-widget_type="wd_products_tabs.default">
<div class="elementor-widget-container">
<div class="wd-tabs wd-products-tabs tabs-design-default">
<div class="wd-tabs-header text-center">
<div class="wd-nav-wrapper wd-nav-tabs-wrapper tabs-navigation-wrapper">
<ul class="wd-nav wd-nav-tabs products-tabs-title wd-style-underline wd-icon-pos-top">
<li data-atts="{"layout":"grid","pagination":"","pagination_arrows_position":null,"items_per_page":"8","spacing":"20","spacing_tablet":false,"spacing_mobile":false,"columns":{"unit":"px","size":4,"sizes":[]},"products_masonry":"","products_different_sizes":"","product_quantity":"","product_hover":"inherit","sale_countdown":"0","stretch_product_tablet":0,"stretch_product_mobile":0,"stock_progress_bar":"0","highlighted_products":0,"products_divider":null,"products_bordered_grid":"0","products_bordered_grid_style":null,"products_with_background":"0","products_shadow":"0","products_color_scheme":"default","img_size":"large","elementor":true,"sync_parent_id":null,"slides_per_view":null,"scroll_per_page":null,"center_mode":null,"wrap":null,"autoheight":null,"autoplay":null,"speed":null,"scroll_carousel_init":null,"disable_overflow_carousel":null,"hide_prev_next_buttons":null,"carousel_arrows_position":null,"hide_pagination_control":null,"dynamic_pagination_control":null,"hide_scrollbar":null,"carousel_sync":null,"sync_child_id":null,"img_size_custom":null,"stretch_product":null,"grid_gallery":"","grid_gallery_control":null,"grid_gallery_enable_arrows":null,"lazy_loading":"no","post_type":"featured","ajax_recently_viewed":null,"include":null,"taxonomies":"","orderby":"","offset":"","query_type":"OR","order":"","hide_out_of_stock":"no","meta_key":null,"exclude":""}" class=" wd-active">
<a href="#" class="wd-nav-link">
<span class="tab-label nav-link-text">
</span>
</a>
</li>
</ul>
</div>
</div>
<div class="wd-tabs-content-wrapper">
<div class="wd-sticky-loader"><span class="wd-loader"></span></div>
<div class="wd-products-element wd-tab-content wd-active wd-in">
<div class="products wd-products grid-columns-4 elements-grid wd-grid-g" data-paged="1" data-atts="{"speed":null,"slides_per_view":null,"wrap":null,"autoplay":null,"autoheight":null,"hide_pagination_control":null,"dynamic_pagination_control":null,"hide_prev_next_buttons":null,"carousel_arrows_position":null,"hide_scrollbar":null,"scroll_per_page":null,"center_mode":null,"post_type":"featured","spacing_tablet":false,"spacing_mobile":false,"carousel_sync":null,"sync_parent_id":null,"sync_child_id":null,"scroll_carousel_init":null,"disable_overflow_carousel":null,"include":null,"meta_key":null,"ajax_recently_viewed":null,"pagination_arrows_position":null,"items_per_page":"8","columns":{"unit":"px","size":4,"sizes":[]},"products_masonry":"","products_different_sizes":"","product_quantity":"","sale_countdown":"0","stretch_product":null,"stock_progress_bar":"0","products_divider":null,"products_bordered_grid":"0","products_bordered_grid_style":null,"products_with_background":"0","products_shadow":"0","img_size":"large","img_size_custom":null,"grid_gallery_control":null,"grid_gallery_enable_arrows":null,"force_not_ajax":"no","wrapper_classes":" wd-tab-content wd-active wd-in","elementor":true}" data-source="shortcode" data-columns="4" data-grid-gallery="" style="--wd-col-lg:4;--wd-col-md:4;--wd-col-sm:2;--wd-gap-lg:20px;--wd-gap-sm:10px;">
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-13832 status-publish instock product_cat-outdoor-items has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="1" data-id="13832">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2026/03/MS300-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2026/03/MS300-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/03/MS300-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/03/MS300-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/03/MS300-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/03/MS300-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/03/MS300-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/03/MS300.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/" aria-label="Product image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1.jpg 1500w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="13832" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/">MS300 Food Booth Container / Reception Container</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 200 x 150 x 300H cm
With Lighting & Air-conditioning
For custom made, please WhatsApp us at 9889 4137 </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="13832" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_13832" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="13832" data-product_sku="MS300" aria-label="Read more about “MS300 Food Booth Container / Reception Container”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_13832" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/ms300-food-booth-container-reception-container/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="13832"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-11301 status-publish instock product_cat-sofa- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="2" data-id="11301">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/loop-left-sofa/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF105w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF105w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF105w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/loop-left-sofa/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1200" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-400x267.jpg 400w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-768x512.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-700x467.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-150x100.jpg 150w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="11301" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/loop-left-sofa/">SF105w Loop Left Sofa</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
White Linking Sofa
Link & Loop Furniture
白色環形梳化沙發
創意梳化沙發
150 x 80 x 43SH/85H (cm) </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="11301" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/loop-left-sofa/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_11301" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="11301" data-product_sku="SF105w" aria-label="Read more about “SF105w Loop Left Sofa”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_11301" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/loop-left-sofa/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="11301"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-11304 status-publish last instock product_cat-sofa- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="3" data-id="11304">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/loop-right-sofa/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF106w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF106w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF106w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/loop-right-sofa/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1200" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-400x267.jpg 400w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-768x512.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-700x467.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-150x100.jpg 150w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="11304" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/loop-right-sofa/">SF106w Loop Right Sofa</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
White Linking Sofa
Link & Loop Furniture
白色環形梳化沙發
創意梳化沙發
150 x 80 x 43SH/85H (cm) </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="11304" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/loop-right-sofa/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_11304" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="11304" data-product_sku="SF106w" aria-label="Read more about “SF106w Loop Right Sofa”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_11304" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/loop-right-sofa/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="11304"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-11313 status-publish first instock product_cat-sofa- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="4" data-id="11313">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/loop-90-sofa/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF109w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF109w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF109w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/loop-90-sofa/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1200" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF109w-1.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF109w-1.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-400x267.jpg 400w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-768x512.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-700x467.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-150x100.jpg 150w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="11313" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/loop-90-sofa/">SF109w Loop 90 Sofa</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
White Linking Sofa
Link & Loop Furniture
白色環形梳化沙發
創意梳化沙發
100 x 100 x 43SH/85H (cm) </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="11313" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/loop-90-sofa/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_11313" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="11313" data-product_sku="SF109w" aria-label="Read more about “SF109w Loop 90 Sofa”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_11313" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/loop-90-sofa/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="11313"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-9664 status-publish instock product_cat-chair- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="5" data-id="9664">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/baltas-u-chair/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/10/AC20u-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/10/AC20u-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/10/AC20u.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/baltas-u-chair/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1067" height="800" src="https://eonhk.com/wp-content/uploads/2025/10/230920a1-1067x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/10/230920a1-1067x800.jpg 1067w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-400x300.jpg 400w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-768x576.jpg 768w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-1536x1152.jpg 1536w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-700x525.jpg 700w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-150x113.jpg 150w, https://eonhk.com/wp-content/uploads/2025/10/230920a1.jpg 2000w" sizes="(max-width: 1067px) 100vw, 1067px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="9664" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/baltas-u-chair/">AC19ud Iswed-u Chair</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 44 x 54 x 42SH (79H) cm
Colour: Blue 藍色
<span style="color: white">Dining Chair / Conference Chair 宴會椅凳 /會議椅凳 Conference Furniture / Dining Furniture 會議傢俬傢俱 / 宴會傢俬傢俱</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="9664" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/baltas-u-chair/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_9664" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="9664" data-product_sku="AC19ud" aria-label="Read more about “AC19ud Iswed-u Chair”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_9664" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/baltas-u-chair/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="9664"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-10489 status-publish instock product_cat-stool- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="6" data-id="10489">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/white-stool/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/white-stool/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1067" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-1067x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-1067x800.jpg 1067w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-400x300.jpg 400w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-768x576.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-1536x1152.jpg 1536w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-700x525.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-150x113.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf.jpg 2048w" sizes="(max-width: 1067px) 100vw, 1067px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="10489" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/white-stool/">BS99w White Stool</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 49 x 47 x 79SH cm
Colour: White 白色
<span style="color: white">x</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="10489" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/white-stool/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_10489" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="10489" data-product_sku="BS99w" aria-label="Read more about “BS99w White Stool”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_10489" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/white-stool/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="10489"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-12809 status-publish last instock product_cat-stool- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="7" data-id="12809">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/bs99b-black-stool/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/06/BS99b-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/06/BS99b-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/06/BS99b.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/bs99b-black-stool/" aria-label="Product image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3.jpg 1200w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="12809" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/bs99b-black-stool/">BS99b Black Stool</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 49 x 47 x 79SH cm
Colour: Black 黑色
<span style="color: white">x</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="12809" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/bs99b-black-stool/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_12809" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="12809" data-product_sku="BS99b" aria-label="Read more about “BS99b Black Stool”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_12809" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/bs99b-black-stool/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="12809"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-10481 status-publish first instock product_cat-dinning-table-- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="8" data-id="10481">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/ikon-w-table/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/TA131w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/TA131w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/TA131w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/ikon-w-table/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1067" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-1067x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-1067x800.jpg 1067w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-400x300.jpg 400w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-768x576.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-1536x1152.jpg 1536w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-700x525.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-150x113.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152.jpg 2048w" sizes="(max-width: 1067px) 100vw, 1067px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="10481" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/ikon-w-table/">TA131w Cone-dw Table</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 80Dia x75H cm
Colour: White 白色
<span style="color: white">x</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="b27974f013" data-product-id="10481" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/ikon-w-table/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_10481" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="10481" data-product_sku="TA131w" aria-label="Read more about “TA131w Cone-dw Table”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_10481" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/ikon-w-table/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="10481"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-1dde4746 elementor-hidden-desktop elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="1dde4746" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-no">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e50177c" data-id="1e50177c" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-4b4204d7 elementor-widget elementor-widget-wd_slider" data-id="4b4204d7" data-element_type="widget" data-widget_type="wd_slider.default">
<div class="elementor-widget-container">
<link rel="stylesheet" id="xts-style-term-70-css" href="https://eonhk.com/wp-content/uploads/2024/12/xts-term-70-1734090951.css?ver=8.0.4" type="text/css" media="all"> <style> #slide-609 .wd-slide-container {
--wd-align-items: center;
--wd-justify-content: left;
}
#slide-609.woodmart-loaded .wd-slide-bg {
}
#slide-609 .wd-slide-bg {
background-color:rgb(122,181,50); background-size:cover;
background-position:center center; }
@media (max-width: 1024px) {
#slide-609 .wd-slide-bg {
}
}
@media (max-width: 767px) {
#slide-609 .wd-slide-bg {
}
}
#slide-621 .wd-slide-container {
--wd-align-items: center;
--wd-justify-content: left;
}
#slide-621.woodmart-loaded .wd-slide-bg {
}
#slide-621 .wd-slide-bg {
background-color:rgb(122,181,50); background-size:cover;
background-position:center center; }
@media (max-width: 1024px) {
#slide-621 .wd-slide-bg {
}
}
@media (max-width: 767px) {
#slide-621 .wd-slide-bg {
}
}
#slide-628 .wd-slide-container {
--wd-align-items: center;
--wd-justify-content: left;
}
#slide-628.woodmart-loaded .wd-slide-bg {
}
#slide-628 .wd-slide-bg {
background-color:rgb(122,181,50); background-size:cover;
background-position:center center; }
@media (max-width: 1024px) {
#slide-628 .wd-slide-bg {
}
}
@media (max-width: 767px) {
#slide-628 .wd-slide-bg {
}
}
</style>
<div id="slider-70" data-id="70" class="wd-slider wd-carousel-container wd-anim-fade wd-section-stretch">
<div class="wd-carousel-inner">
<div class="wd-carousel wd-grid scroll-init" data-wrap="yes" data-autoheight="yes" data-scroll_per_page="yes" data-sliding_speed="700" data-effect="fade" style="--wd-col-lg:1;--wd-col-md:1;--wd-col-sm:1;">
<div class="wd-carousel-wrap ">
<div id="slide-609" class="wd-slide wd-carousel-item woodmart-loaded" >
<div class="container wd-slide-container content-full-width wd-padding-off">
<div class="wd-slide-inner wd-animation-normal wd-animation-zoom-in">
<style>.elementor-609 .elementor-element.elementor-element-4d8b30f > .elementor-container > .elementor-column > .elementor-widget-wrap{align-content:center;align-items:center;}.elementor-609 .elementor-element.elementor-element-4d8b30f:not(.elementor-motion-effects-element-type-background), .elementor-609 .elementor-element.elementor-element-4d8b30f > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-image:url("https://eonhk.com/wp-content/uploads/2021/08/wd-bestsellers.svg");background-position:center center;background-repeat:no-repeat;background-size:contain;}.elementor-609 .elementor-element.elementor-element-4d8b30f{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;padding:15px 15px 15px 15px;}.elementor-609 .elementor-element.elementor-element-4d8b30f > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-609 .elementor-element.elementor-element-67e7f900{text-align:left;}.elementor-609 .elementor-element.elementor-element-482f536a .title-after_title, .elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle, .elementor-609 .elementor-element.elementor-element-482f536a .woodmart-title-container{max-width:100%;}.elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle{color:rgba(255,255,255,0.8);font-size:16px;font-weight:700;}.elementor-609 .elementor-element.elementor-element-482f536a .title{font-size:54px;font-weight:600;}.elementor-609 .elementor-element.elementor-element-7b24dee2{margin:0px 0px 20px 0px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;font-weight:500;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;font-weight:500;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;font-weight:500;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-27a4c650{width:auto;max-width:auto;}@media(max-width:1024px){.elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:16px;}.elementor-609 .elementor-element.elementor-element-482f536a .title{font-size:50px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}}@media(max-width:767px){.elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:14px;}.elementor-609 .elementor-element.elementor-element-482f536a .title{font-size:26px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:14px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:13px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:14px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:13px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:14px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:13px;}}</style> <div data-elementor-type="wp-post" data-elementor-id="609" class="elementor elementor-609">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4d8b30f elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4d8b30f" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-467c08d9" data-id="467c08d9" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-67e7f900 wd-animation-slide-from-left wd_delay_200 wd-animation-normal elementor-widget elementor-widget-image" data-id="67e7f900" data-element_type="widget" data-widget_type="image.default">
<div class="elementor-widget-container">
<img loading="lazy" decoding="async" width="850" height="850" src="https://eonhk.com/wp-content/uploads/2021/08/best-seller1.png" class="attachment-full size-full wp-image-8615" alt="" srcset="https://eonhk.com/wp-content/uploads/2021/08/best-seller1.png 850w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-430x430.png 430w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-150x150.png 150w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-700x700.png 700w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-300x300.png 300w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-800x800.png 800w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-768x768.png 768w" sizes="(max-width: 850px) 100vw, 850px" /> </div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-511637f1" data-id="511637f1" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-482f536a wd-animation-slide-from-bottom wd-width-100 wd-animation-normal wd_delay_100 elementor-widget elementor-widget-wd_title" data-id="482f536a" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-white wd-title-style-default wd-title-size-default text-left">
<div class="title-subtitle subtitle-color-white subtitle-style-default wd-fontsize-xs">
EON PRODUCT </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">Vert-u Sofa -<br />
Classic Design.</h4>
</div>
</div>
</div>
</div>
<section class="wd-negative-gap elementor-section elementor-inner-section elementor-element elementor-element-7b24dee2 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7b24dee2" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-32a297ba" data-id="32a297ba" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-7e43ab12 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="7e43ab12" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
TYPE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Blue Double Seater Sofa</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-7befda0a" data-id="7befda0a" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-56b19fd2 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="56b19fd2" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
MATERIALS: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Wood, Leather, Metal</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-13bf118b" data-id="13bf118b" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-38b86898 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="38b86898" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
SIZE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>40 x 70 x 46SHcm (82cm)</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<div class="elementor-element elementor-element-27a4c650 elementor-widget__width-auto wd-animation-slide-from-bottom wd_delay_300 wd-animation-normal elementor-widget elementor-widget-wd_button" data-id="27a4c650" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-color-white btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
CONTACT NOW </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
</div>
<div class="wd-slide-bg wd-fill"></div>
</div>
<div id="slide-621" class="wd-slide wd-carousel-item" >
<div class="container wd-slide-container content-full-width wd-padding-off">
<div class="wd-slide-inner wd-animation-normal wd-animation-zoom-in">
<style>.elementor-621 .elementor-element.elementor-element-4d8b30f > .elementor-container > .elementor-column > .elementor-widget-wrap{align-content:center;align-items:center;}.elementor-621 .elementor-element.elementor-element-4d8b30f:not(.elementor-motion-effects-element-type-background), .elementor-621 .elementor-element.elementor-element-4d8b30f > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-image:url("https://eonhk.com/wp-content/uploads/2021/08/wd-bestsellers.svg");background-position:center center;background-repeat:no-repeat;background-size:contain;}.elementor-621 .elementor-element.elementor-element-4d8b30f{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;padding:15px 15px 15px 15px;}.elementor-621 .elementor-element.elementor-element-4d8b30f > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-621 .elementor-element.elementor-element-67e7f900{text-align:left;}.elementor-621 .elementor-element.elementor-element-482f536a .title-after_title, .elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle, .elementor-621 .elementor-element.elementor-element-482f536a .woodmart-title-container{max-width:100%;}.elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle{color:rgba(255,255,255,0.8);font-size:16px;font-weight:700;}.elementor-621 .elementor-element.elementor-element-482f536a .title{font-size:54px;font-weight:600;}.elementor-621 .elementor-element.elementor-element-7b24dee2{margin:0px 0px 20px 0px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;font-weight:500;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;font-weight:500;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;font-weight:500;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-27a4c650{width:auto;max-width:auto;}@media(max-width:1024px){.elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:16px;}.elementor-621 .elementor-element.elementor-element-482f536a .title{font-size:50px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}}@media(max-width:767px){.elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:14px;}.elementor-621 .elementor-element.elementor-element-482f536a .title{font-size:26px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:14px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:13px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:14px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:13px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:14px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:13px;}}</style> <div data-elementor-type="wp-post" data-elementor-id="621" class="elementor elementor-621">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4d8b30f elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4d8b30f" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-467c08d9" data-id="467c08d9" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-67e7f900 wd-animation-slide-from-left wd_delay_200 wd-animation-normal elementor-widget elementor-widget-image" data-id="67e7f900" data-element_type="widget" data-widget_type="image.default">
<div class="elementor-widget-container">
<img loading="lazy" decoding="async" width="850" height="850" src="https://eonhk.com/wp-content/uploads/2021/08/best-seller2.png" class="attachment-full size-full wp-image-8616" alt="" srcset="https://eonhk.com/wp-content/uploads/2021/08/best-seller2.png 850w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-430x430.png 430w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-150x150.png 150w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-700x700.png 700w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-300x300.png 300w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-800x800.png 800w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-768x768.png 768w" sizes="(max-width: 850px) 100vw, 850px" /> </div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-511637f1" data-id="511637f1" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-482f536a wd-animation-slide-from-bottom wd-width-100 wd-animation-normal wd_delay_100 elementor-widget elementor-widget-wd_title" data-id="482f536a" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-white wd-title-style-default wd-title-size-default text-left">
<div class="title-subtitle subtitle-color-white subtitle-style-default wd-fontsize-xs">
EON PRODUCT </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">Curved -<br />
Sofa<br />
</h4>
</div>
</div>
</div>
</div>
<section class="wd-negative-gap elementor-section elementor-inner-section elementor-element elementor-element-7b24dee2 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7b24dee2" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-32a297ba" data-id="32a297ba" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-7e43ab12 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="7e43ab12" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
TYPE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>White Sofa</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-7befda0a" data-id="7befda0a" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-56b19fd2 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="56b19fd2" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
MATERIALS: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Wood, Leather, Metal</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-13bf118b" data-id="13bf118b" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-38b86898 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="38b86898" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
SIZE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>180 x 90 x 45SH (cm)</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<div class="elementor-element elementor-element-27a4c650 elementor-widget__width-auto wd-animation-slide-from-bottom wd_delay_300 wd-animation-normal elementor-widget elementor-widget-wd_button" data-id="27a4c650" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-color-white btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
CONTACT NOW </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
</div>
<div class="wd-slide-bg wd-fill"></div>
</div>
<div id="slide-628" class="wd-slide wd-carousel-item" >
<div class="container wd-slide-container content-full-width wd-padding-off">
<div class="wd-slide-inner wd-animation-normal wd-animation-zoom-in">
<style>.elementor-628 .elementor-element.elementor-element-4d8b30f > .elementor-container > .elementor-column > .elementor-widget-wrap{align-content:center;align-items:center;}.elementor-628 .elementor-element.elementor-element-4d8b30f:not(.elementor-motion-effects-element-type-background), .elementor-628 .elementor-element.elementor-element-4d8b30f > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-image:url("https://eonhk.com/wp-content/uploads/2021/08/wd-bestsellers.svg");background-position:center center;background-repeat:no-repeat;background-size:contain;}.elementor-628 .elementor-element.elementor-element-4d8b30f{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;padding:15px 15px 15px 15px;}.elementor-628 .elementor-element.elementor-element-4d8b30f > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-628 .elementor-element.elementor-element-67e7f900{text-align:left;}.elementor-628 .elementor-element.elementor-element-482f536a .title-after_title, .elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle, .elementor-628 .elementor-element.elementor-element-482f536a .woodmart-title-container{max-width:100%;}.elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle{color:rgba(255,255,255,0.8);font-size:16px;font-weight:700;}.elementor-628 .elementor-element.elementor-element-482f536a .title{font-size:54px;font-weight:600;}.elementor-628 .elementor-element.elementor-element-7b24dee2{margin:0px 0px 20px 0px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;font-weight:500;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;font-weight:500;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;font-weight:500;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-27a4c650{width:auto;max-width:auto;}@media(max-width:1024px){.elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:16px;}.elementor-628 .elementor-element.elementor-element-482f536a .title{font-size:50px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}}@media(max-width:767px){.elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:14px;}.elementor-628 .elementor-element.elementor-element-482f536a .title{font-size:26px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:14px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:13px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:14px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:13px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:14px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:13px;}}</style> <div data-elementor-type="wp-post" data-elementor-id="628" class="elementor elementor-628">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4d8b30f elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4d8b30f" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-467c08d9" data-id="467c08d9" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-67e7f900 wd-animation-slide-from-left wd_delay_200 wd-animation-normal elementor-widget elementor-widget-image" data-id="67e7f900" data-element_type="widget" data-widget_type="image.default">
<div class="elementor-widget-container">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051.png" class="attachment-full size-full wp-image-8623" alt="" srcset="https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051.png 800w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-430x430.png 430w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-150x150.png 150w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-700x700.png 700w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-300x300.png 300w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-768x768.png 768w" sizes="(max-width: 800px) 100vw, 800px" /> </div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-511637f1" data-id="511637f1" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-482f536a wd-animation-slide-from-bottom wd-width-100 wd-animation-normal wd_delay_100 elementor-widget elementor-widget-wd_title" data-id="482f536a" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-white wd-title-style-default wd-title-size-default text-left">
<div class="title-subtitle subtitle-color-white subtitle-style-default wd-fontsize-xs">
EON PRODUCT </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">SF77e & SF74e Sofa -<br />
Modern Pattern.</h4>
</div>
</div>
</div>
</div>
<section class="wd-negative-gap elementor-section elementor-inner-section elementor-element elementor-element-7b24dee2 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7b24dee2" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-32a297ba" data-id="32a297ba" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-7e43ab12 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="7e43ab12" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
TYPE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Outdoor sofa Double Seat</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-7befda0a" data-id="7befda0a" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-56b19fd2 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="56b19fd2" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
MATERIALS: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Metal, Wood, Polymer</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-13bf118b" data-id="13bf118b" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-38b86898 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="38b86898" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
SIZE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>140 x 80 x 44SH (cm)</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<div class="elementor-element elementor-element-27a4c650 elementor-widget__width-auto wd-animation-slide-from-bottom wd_delay_300 wd-animation-normal elementor-widget elementor-widget-wd_button" data-id="27a4c650" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-color-white btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
CONTACT NOW </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
</div>
<div class="wd-slide-bg wd-fill"></div>
</div>
</div>
</div>
<div class="wd-nav-arrows wd-slider-arrows wd-custom-style wd-style-1 wd-pos-sep color-scheme-light">
<div class="wd-btn-arrow wd-prev">
<div class="wd-arrow-inner"></div>
</div>
<div class="wd-btn-arrow wd-next">
<div class="wd-arrow-inner"></div>
</div>
</div>
</div>
<div class="wd-nav-pagin-wrap wd-slider-pagin wd-custom-style wd-style-shape-1 text-center color-scheme-light">
<ul class="wd-nav-pagin"></ul>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-71a488cb wd-section-stretch elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="71a488cb" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-399aa291" data-id="399aa291" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-bf882d8 elementor-hidden-tablet elementor-hidden-mobile elementor-widget elementor-widget-wd_text_block" data-id="bf882d8" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left color-#8E8E8E color-scheme-custom">
EON Rental Limited
</div>
</div>
</div>
<div class="elementor-element elementor-element-7f0e1c55 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="7f0e1c55" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-default text-left">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">WHO WE ARE</h4>
</div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-98bbf72 elementor-widget elementor-widget-wd_text_block" data-id="98bbf72" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
<p>EON Rental Limited provides Furniture & AV equipment rental service and Marquee solution for events, exhibitions, road shows and promotion campaigns in Hong Kong since 2010.</p><p>Our team is our biggest asset and most of them have more than 15 years of experience in exhibition services and event management fields. Thanks for their sharing of professional knowledge and experience, we are able to expand our business in an extremely fast pace.</p>
</div>
</div>
</div>
<div class="elementor-element elementor-element-1fd6c301 elementor-widget__width-auto elementor-widget elementor-widget-wd_button" data-id="1fd6c301" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-default btn-shape-rectangle btn-size-default btn-color-primary btn-icon-pos-right" href="https://eonhk.com/about-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
Read More </span>
</a>
</div>
</div>
</div>
<div class="elementor-element elementor-element-4eba9bfb elementor-widget__width-auto elementor-widget elementor-widget-wd_button" data-id="4eba9bfb" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
Contact us </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-23ed652b wd-section-stretch elementor-hidden-desktop elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="23ed652b" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4d818f90" data-id="4d818f90" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-4d6e8f90 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="4d6e8f90" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-default text-center">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l"><strong>JOIN OUR NEWSLETTER NOW</strong></h4>
</div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-4fb924c elementor-widget elementor-widget-wd_text_block" data-id="4fb924c" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-center">
<p>Will be used in accordance with our <a href="#"><strong>Privacy Policy</strong></a></p>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-1c7377 elementor-hidden-desktop elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="1c7377" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7269e28e" data-id="7269e28e" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-6dac4ad8 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="6dac4ad8" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-medium text-center">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-xl">OUR LATEST NEWS</h4>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-64836ac wd-section-stretch elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="64836ac" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-3c461d67" data-id="3c461d67" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-c38d022 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="c38d022" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-default text-center">
<div class="title-subtitle subtitle-color-default subtitle-style-default wd-fontsize-xs">
RECENT WORKS </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">EVENT ORGANISIED</h4>
</div>
<div class="title-after_title reset-last-child wd-fontsize-xs">
<p>Service in Exhibition Industry</p> </div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-3bd90c1 xtemos-show-demos elementor-widget elementor-widget-wd_button" data-id="3bd90c1" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-link btn-shape- btn-size-default btn-color-primary btn-icon-pos-right" href="https://eonhk.com/projects/">
<span class="wd-btn-text" data-elementor-setting-key="text">
View All </span>
</a>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-75 elementor-top-column elementor-element elementor-element-325a9367" data-id="325a9367" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-449616a8 wd-width-100 elementor-widget elementor-widget-wd_images_gallery" data-id="449616a8" data-element_type="widget" data-widget_type="wd_images_gallery.default">
<div class="elementor-widget-container">
<div class="wd-images-gallery wd-carousel-container" style="--wd-align-items:center; --wd-justify-content:center;">
<div class="wd-carousel-inner">
<div class="wd-carousel wd-grid" data-scroll_per_page="yes" style="--wd-col-lg:4;--wd-col-md:4;--wd-col-sm:1;--wd-gap-lg:2px;">
<div class="wd-carousel-wrap">
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190122-WA0241c_1555383742_p.jpg" alt="IMG-20190122-WA0241c_1555383742_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190123-WA0002c_1555383745_p.jpg" alt="IMG-20190123-WA0002c_1555383745_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190125-WA0015c_1555383741_p.jpg" alt="IMG-20190125-WA0015c_1555383741_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190221-WA0041c_1555383427_p.jpg" alt="IMG-20190221-WA0041c_1555383427_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190223-WA0078c_1555383430_p.jpg" alt="IMG-20190223-WA0078c_1555383430_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190226-WA0061c_1555383428_p.jpg" alt="IMG-20190226-WA0061c_1555383428_p">
</div>
</div>
</div>
<div class="wd-nav-arrows wd-pos-sep wd-hover-1 wd-icon-1">
<div class="wd-btn-arrow wd-prev wd-disabled">
<div class="wd-arrow-inner"></div>
</div>
<div class="wd-btn-arrow wd-next">
<div class="wd-arrow-inner"></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</article>
</div>
</div>
<footer class="wd-footer footer-container color-scheme-dark">
<div class="container main-footer wd-entry-content">
<link rel="stylesheet" id="elementor-post-11213-css" href="https://eonhk.com/wp-content/uploads/elementor/css/post-11213.css?ver=1759918866" type="text/css" media="all">
<div data-elementor-type="wp-post" data-elementor-id="11213" class="elementor elementor-11213">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-5e8e784 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="5e8e784" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-fdef96f" data-id="fdef96f" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-858db24 elementor-widget elementor-widget-wd_image_or_svg" data-id="858db24" data-element_type="widget" data-widget_type="wd_image_or_svg.default">
<div class="elementor-widget-container">
<div class="wd-image text-left">
<a href="/" aria-label="Image link">
<img width="180" height="102" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png" class="attachment-180x size-180x" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w" sizes="(max-width: 180px) 100vw, 180px" /> </a>
</div>
</div>
</div>
<div class="elementor-element elementor-element-3344611 elementor-widget elementor-widget-wd_list" data-id="3344611" data-element_type="widget" data-widget_type="wd_list.default">
<div class="elementor-widget-container">
<ul class="wd-list color-scheme- wd-fontsize-xs wd-type-image wd-style-default text-left">
<li class="elementor-repeater-item-80be36b">
<span class="wd-icon"><img src="https://eonhk.com/wp-content/uploads/2021/08/wd-cursor-dark.svg" title="wd-cursor-dark" loading="lazy" width="14" height="14"></span>
<span class="wd-list-content list-content">
Address:
11B, Man Sun Logistic Centre, Hung Cheung Road, Tuen Mun, NT, Hong Kong </span>
</li>
<li class="elementor-repeater-item-c383cf6">
<span class="wd-icon"><img src="https://eonhk.com/wp-content/uploads/2021/08/wd-phone-dark.svg" title="wd-phone-dark" loading="lazy" width="14" height="14"></span>
<span class="wd-list-content list-content">
Tel: (852) 3568 2593 </span>
<a href="tel:+85235682593" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-e395cf1">
<span class="wd-icon"><img width="14" height="14" src="https://eonhk.com/wp-content/uploads/2025/04/whatsapp-14x14.png" class="attachment-14x14 size-14x14" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/04/whatsapp-14x14.png 14w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp-298x300.png 298w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp-150x151.png 150w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp-430x430.png 430w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp.png 509w" sizes="(max-width: 14px) 100vw, 14px" /></span>
<span class="wd-list-content list-content">
WhatsApp: (852) 9889 4137 </span>
<a href="https://wa.me/85298894137?text=Hi%20Eon%20https%3A%2F%2Feonhk.com" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-a511145">
<span class="wd-icon"><img width="16" height="16" src="https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-16x16.jpg" class="attachment-16x16 size-16x16" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-16x16.jpg 16w, https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01.jpg 400w" sizes="(max-width: 16px) 100vw, 16px" /></span>
<span class="wd-list-content list-content">
Fax: (852) 8148 3132 </span>
</li>
<li class="elementor-repeater-item-4bc0dff">
<span class="wd-icon"><img src="https://eonhk.com/wp-content/uploads/2021/08/wd-envelope-dark.svg" title="wd-envelope-dark" loading="lazy" width="14" height="14"></span>
<span class="wd-list-content list-content">
E-mail: [email protected] </span>
<a href="mailto:[email protected]" class="wd-fill" aria-label="List item link"></a>
</li>
</ul>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-4d26408" data-id="4d26408" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-0d7ae7e elementor-widget elementor-widget-wd_text_block" data-id="0d7ae7e" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
<p>Mission Statement</p>
</div>
</div>
</div>
<div class="elementor-element elementor-element-deb90e6 elementor-widget elementor-widget-wd_text_block" data-id="deb90e6" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
Energy and experience are what drive us at Eon to deliver the best furniture and AV equipment rental service in exhibition industry. We believe that smooth delivery and prompt action are our core strength.
</div>
</div>
</div>
<div class="elementor-element elementor-element-88398a6 gallery-spacing-custom elementor-widget elementor-widget-image-gallery" data-id="88398a6" data-element_type="widget" data-widget_type="image-gallery.default">
<div class="elementor-widget-container">
<div class="elementor-image-gallery">
<style>
#gallery-1 {
margin: auto;
}
#gallery-1 .gallery-item {
float: left;
margin-top: 10px;
text-align: center;
width: 50%;
}
#gallery-1 img {
border: 2px solid #cfcfcf;
}
#gallery-1 .gallery-caption {
margin-left: 0;
}
/* see gallery_shortcode() in wp-includes/media.php */
</style>
<div id='gallery-1' class='gallery galleryid-10919 gallery-columns-2 gallery-size-thumbnail'><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="no" href='https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" aria-describedby="gallery-1-11382" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641-150x150.png 150w, https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641.png 200w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt>
<dd class='wp-caption-text gallery-caption' id='gallery-1-11382'>
WhatsApp
</dd></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="no" href='https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" aria-describedby="gallery-1-8480" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-301x300.jpg 301w, https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2.jpg 511w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt>
<dd class='wp-caption-text gallery-caption' id='gallery-1-8480'>
WeChat
</dd></dl><br style="clear: both" />
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-ae43079" data-id="ae43079" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-33a0188 elementor-widget elementor-widget-wd_text_block" data-id="33a0188" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
Hot Items
</div>
</div>
</div>
<div class="elementor-element elementor-element-c9a9600 elementor-widget elementor-widget-image-gallery" data-id="c9a9600" data-element_type="widget" data-widget_type="image-gallery.default">
<div class="elementor-widget-container">
<div class="elementor-image-gallery">
<style>
#gallery-2 {
margin: auto;
}
#gallery-2 .gallery-item {
float: left;
margin-top: 10px;
text-align: center;
width: 33%;
}
#gallery-2 img {
border: 2px solid #cfcfcf;
}
#gallery-2 .gallery-caption {
margin-left: 0;
}
/* see gallery_shortcode() in wp-includes/media.php */
</style>
<div id='gallery-2' class='gallery galleryid-10919 gallery-columns-3 gallery-size-thumbnail'><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="TA76-gcs (VE)" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxOSwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1RBNzYtZ2NzLVZFLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF95u" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGOTV1LmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF95u.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF95u-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF95u-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/SF95u.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF95n" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNiwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGOTVuLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF95n.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF95n-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF95n-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF95n.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" /><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF73ux" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNSwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGNzN1eC5wbmciLCJzbGlkZXNob3ciOiJjOWE5NjAwIn0%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF73ux.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF73ux-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF73ux-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF66r" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGNjZyLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF66r.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF66r-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF66r-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF66r.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF39w-03" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxMywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGMzl3LTAzLmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF39w-03.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-1536x1536.jpg 1536w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-860x860.jpg 860w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03.jpg 1600w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" /><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="MS94w" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUwOCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL01TOTR3LmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/MS94w.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/MS94w-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS94w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS94w.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="MS95b" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUwOSwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL01TOTViLmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/MS95b.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/MS95b-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS95b-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS95b.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF19w" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxMCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGMTl3LmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF19w.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF19w-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF19w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/SF19w.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" /><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="MS94e" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUwNywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL01TOTRlLmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/MS94e.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/MS94e-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS94e-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS94e.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="903_cover_1719824051" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODQ5NywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcLzkwM19jb3Zlcl8xNzE5ODI0MDUxLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051.png 800w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="AC22w-01" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODQ5OCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL0FDMjJ3LTAxLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/AC22w-01.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01.png 800w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" />
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-768e704" data-id="768e704" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-638d5cb elementor-widget elementor-widget-wd_text_block" data-id="638d5cb" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
Useful Links
</div>
</div>
</div>
<div class="elementor-element elementor-element-83b800d elementor-widget elementor-widget-wd_list" data-id="83b800d" data-element_type="widget" data-widget_type="wd_list.default">
<div class="elementor-widget-container">
<ul class="wd-list color-scheme- wd-fontsize-xs wd-type-image wd-style-default text-left">
<li class="elementor-repeater-item-80be36b">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
About EON </span>
<a href="https://eonhk.com/about-us/" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-679e2bc">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
FAQs </span>
<a href="/faqs" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-c383cf6">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
Terms & Conditions </span>
<a href="/terms-conditions/" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-4bc0dff">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
Contact Us </span>
<a href="/contact-us/" class="wd-fill" aria-label="List item link"></a>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
<div class="wd-copyrights copyrights-wrapper wd-layout-two-columns">
<div class="container wd-grid-g">
<div class="wd-col-start reset-last-child">
© 2025 EON Rental Limited. All rights reserved. Powered by<a href="https://www.techcomm.com/" target="_blank"><span style="color:#777777"> Techcomm</span></a>. </div>
</div>
</div>
</footer>
</div>
</div>
<div class="wd-close-side wd-fill"></div>
<a href="#" class="scrollToTop" aria-label="Scroll to top button"></a>
<div class="mobile-nav wd-side-hidden wd-side-hidden-nav wd-left wd-opener-arrow"> <div class="wd-search-form">
<form role="search" method="get" class="searchform wd-cat-style-bordered woodmart-ajax-search" action="https://eonhk.com/" data-thumbnail="1" data-price="1" data-post_type="product" data-count="20" data-sku="0" data-symbols_count="3">
<input type="text" class="s" placeholder="Search for products" value="" name="s" aria-label="Search" title="Search for products" required/>
<input type="hidden" name="post_type" value="product">
<button type="submit" class="searchsubmit">
<span>
Search </span>
</button>
</form>
<div class="search-results-wrapper">
<div class="wd-dropdown-results wd-scroll wd-dropdown">
<div class="wd-scroll-content"></div>
</div>
</div>
</div>
<ul class="wd-nav wd-nav-mob-tab wd-style-underline">
<li class="mobile-tab-title mobile-pages-title wd-active" data-menu="pages">
<a href="#" rel="nofollow noopener">
<span class="nav-link-text">
Menu </span>
</a>
</li>
<li class="mobile-tab-title mobile-categories-title " data-menu="categories">
<a href="#" rel="nofollow noopener">
<span class="nav-link-text">
Categories </span>
</a>
</li>
</ul>
<ul id="menu-product-category-1" class="mobile-categories-menu menu wd-nav wd-nav-mobile wd-layout-dropdown"><li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14074 item-level-0" ><a href="https://eonhk.com/product-category/3d-printing/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">3D Printing</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14091 item-level-0" ><a href="https://eonhk.com/product-category/booth-design/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu.jpg 1080w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">Booth Design & Production</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10452 item-level-0" ><a href="https://eonhk.com/product-category/game-booth/" class="woodmart-nav-link"><span class="nav-link-text">Game Booth</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10449 item-level-0" ><a href="https://eonhk.com/product-category/furniture/" class="woodmart-nav-link"><span class="nav-link-text">Furniture 傢俬</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10450 item-level-1" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link">Chair 椅子</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11023 item-level-1" ><a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Outdoor 戶外傢俬</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10451 item-level-1" ><a href="https://eonhk.com/product-category/furniture/sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc/" class="woodmart-nav-link">Sofa 梳化沙發</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10475 item-level-1" ><a href="https://eonhk.com/product-category/furniture/stool-%e5%90%a7%e6%a4%85/" class="woodmart-nav-link">Stool 吧椅</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10476 item-level-1" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/" class="woodmart-nav-link">Table 桌子</a>
<ul class="sub-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10465 item-level-2" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Coffee Table 咖啡台桌</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10466 item-level-2" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Dinning Table/Meeting Table 餐台桌/會議台桌</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10467 item-level-2" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">High Table 吧台桌</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11188 item-level-1" ><a href="https://eonhk.com/product-category/furniture/kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Kids 兒童傢俬</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11403 item-level-1" ><a href="https://eonhk.com/product-category/furniture/furniture-set-%e5%82%a2%e4%bf%ac%e7%b5%84%e5%90%88/" class="woodmart-nav-link">Furniture Set 傢俬組合</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10453 item-level-0" ><a href="https://eonhk.com/product-category/illuminated-led-funiture1/" class="woodmart-nav-link"><span class="nav-link-text">Illuminated / LED Funiture</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10422 item-level-0" ><a href="https://eonhk.com/product-category/av-items/" class="woodmart-nav-link"><span class="nav-link-text">AV items</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10426 item-level-1" ><a href="https://eonhk.com/product-category/av-items/pa-system/" class="woodmart-nav-link">PA System</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10424 item-level-1" ><a href="https://eonhk.com/product-category/av-items/display-panel/" class="woodmart-nav-link">Display Panel</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10477 item-level-1" ><a href="https://eonhk.com/product-category/av-items/tv/" class="woodmart-nav-link">TV</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10427 item-level-1" ><a href="https://eonhk.com/product-category/av-items/projector/" class="woodmart-nav-link">Projector</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10425 item-level-1" ><a href="https://eonhk.com/product-category/av-items/ipad/" class="woodmart-nav-link">iPad</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10423 item-level-1" ><a href="https://eonhk.com/product-category/av-items/computer/" class="woodmart-nav-link">Computer</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10428 item-level-0" ><a href="https://eonhk.com/product-category/backstage-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Backstage Equipment</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10429 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/fitting-room/" class="woodmart-nav-link">Fitting Room</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10430 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/hanging-rack/" class="woodmart-nav-link">Hanging Rack</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10431 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/mannequin/" class="woodmart-nav-link">Mannequin</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10432 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/mirror/" class="woodmart-nav-link">Mirror</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10433 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/partition/" class="woodmart-nav-link">Partition</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10434 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/pipe-drape/" class="woodmart-nav-link">Pipe & Drape</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10435 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/plant/" class="woodmart-nav-link">Plant</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10474 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/" class="woodmart-nav-link">Stage Materials</a>
<ul class="sub-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10471 item-level-2" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/stage/" class="woodmart-nav-link">Stage</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10470 item-level-2" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/podium/" class="woodmart-nav-link">Podium</a></li>
</ul>
</li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10454 item-level-0" ><a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="woodmart-nav-link"><span class="nav-link-text">Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10437 item-level-0" ><a href="https://eonhk.com/product-category/display-fridge-freezer/" class="woodmart-nav-link"><span class="nav-link-text">Display Fridge & Freezer</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10440 item-level-0" ><a href="https://eonhk.com/product-category/coolers/" class="woodmart-nav-link"><span class="nav-link-text">Cooler & Heater</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10441 item-level-1" ><a href="https://eonhk.com/product-category/coolers/cooler/" class="woodmart-nav-link">Cooler</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10442 item-level-1" ><a href="https://eonhk.com/product-category/coolers/fan/" class="woodmart-nav-link">Fan</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10443 item-level-1" ><a href="https://eonhk.com/product-category/coolers/gas-heater/" class="woodmart-nav-link">Gas Heater</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10444 item-level-0" ><a href="https://eonhk.com/product-category/electric-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Electric Equipment</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10445 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/coffee-machin/" class="woodmart-nav-link">Coffee Machin</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10446 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/oven/" class="woodmart-nav-link">Oven</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10447 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/printer/" class="woodmart-nav-link">Printer</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10448 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/shredder/" class="woodmart-nav-link">Shredder</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10478 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/water-dispenser/" class="woodmart-nav-link">Water Dispenser</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10472 item-level-0" ><a href="https://eonhk.com/product-category/whiteboard-flipchart-locker-bin/" class="woodmart-nav-link"><span class="nav-link-text">Whiteboard, flipchart , Locker & Bin</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10460 item-level-0" ><a href="https://eonhk.com/product-category/brochure-rack/" class="woodmart-nav-link"><span class="nav-link-text">Brochure Rack & Display Rack</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10463 item-level-0" ><a href="https://eonhk.com/product-category/marquee/" class="woodmart-nav-link"><span class="nav-link-text">Marquee & Umbrella</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-13339 item-level-0" ><a href="https://eonhk.com/product-category/bookable/" class="woodmart-nav-link"><span class="nav-link-text">Bookable</span></a></li>
</ul><ul id="menu-main-navigation" class="mobile-pages-menu menu wd-nav wd-nav-mobile wd-layout-dropdown wd-active"><li id="menu-item-8449" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-home current-menu-item page_item page-item-18 current_page_item menu-item-8449 item-level-0" ><a href="https://eonhk.com/" class="woodmart-nav-link"><span class="nav-link-text">Home</span></a></li>
<li id="menu-item-11381" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-11381 item-level-0" ><a href="#" class="woodmart-nav-link"><span class="nav-link-text">About Us</span></a>
<ul class="wd-sub-menu">
<li id="menu-item-8413" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8413 item-level-1" ><a href="https://eonhk.com/about-us/" class="woodmart-nav-link">About EON</a></li>
<li id="menu-item-8653" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8653 item-level-1" ><a href="https://eonhk.com/faqs/" class="woodmart-nav-link">FAQs</a></li>
<li id="menu-item-10372" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-privacy-policy menu-item-10372 item-level-1" ><a href="https://eonhk.com/terms-conditions/" class="woodmart-nav-link">Terms & Conditions</a></li>
</ul>
</li>
<li id="menu-item-11207" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-11207 item-level-0" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link"><span class="nav-link-text">Products</span></a></li>
<li id="menu-item-8703" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8703 item-level-0" ><a href="https://eonhk.com/services/" class="woodmart-nav-link"><span class="nav-link-text">Services</span></a></li>
<li id="menu-item-11360" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-11360 item-level-0" ><a href="#" class="woodmart-nav-link"><span class="nav-link-text">Solutions</span></a>
<ul class="wd-sub-menu">
<li id="menu-item-11361" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11361 item-level-1" ><a href="https://eonhk.com/3d-printing/" class="woodmart-nav-link">3D Printing</a></li>
</ul>
</li>
<li id="menu-item-10388" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-10388 item-level-0" ><a href="https://eonhk.com/projects/" class="woodmart-nav-link"><span class="nav-link-text">Projects</span></a></li>
<li id="menu-item-8414" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8414 item-level-0" ><a href="https://eonhk.com/contact-us/" class="woodmart-nav-link"><span class="nav-link-text">Contact Us</span></a></li>
<li id="menu-item-11256" class="desktop-hide btn-style-menu menu-item menu-item-type-custom menu-item-object-custom menu-item-11256 item-level-0" ><a href="https://eonhk.com/wp-content/uploads/2024/12/EON_Catalogue_20241206.pdf" class="woodmart-nav-link"><span class="nav-link-text">DOWNLOAD CATALOG</span></a></li>
<li class="menu-item menu-item-wishlist wd-with-icon item-level-0"> <a href="https://eonhk.com/wishlist/" class="woodmart-nav-link">
<span class="nav-link-text">Wishlist</span>
</a>
</li><li class="menu-item menu-item-compare wd-with-icon item-level-0"><a href="https://eonhk.com/compare/" class="woodmart-nav-link">Compare</a></li><li class="menu-item menu-item-account wd-with-icon item-level-0"><a href="https://eonhk.com/my-account/" class="woodmart-nav-link">Login / Register</a></li></ul>
</div> <div class="cart-widget-side wd-side-hidden wd-right">
<div class="wd-heading">
<span class="title">Shopping cart</span>
<div class="close-side-widget wd-action-btn wd-style-text wd-cross-icon">
<a href="#" rel="nofollow">Close</a>
</div>
</div>
<div class="widget woocommerce widget_shopping_cart"><div class="widget_shopping_cart_content"></div></div> </div>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"/*"},{"not":{"href_matches":["/wp-*.php","/wp-admin/*","/wp-content/uploads/*","/wp-content/*","/wp-content/plugins/*","/wp-content/themes/woodmart/*","/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<script type='text/javascript'>
const lazyloadRunObserver = () => {
const lazyloadBackgrounds = document.querySelectorAll( `.e-con.e-parent:not(.e-lazyloaded)` );
const lazyloadBackgroundObserver = new IntersectionObserver( ( entries ) => {
entries.forEach( ( entry ) => {
if ( entry.isIntersecting ) {
let lazyloadBackground = entry.target;
if( lazyloadBackground ) {
lazyloadBackground.classList.add( 'e-lazyloaded' );
}
lazyloadBackgroundObserver.unobserve( entry.target );
}
});
}, { rootMargin: '200px 0px 200px 0px' } );
lazyloadBackgrounds.forEach( ( lazyloadBackground ) => {
lazyloadBackgroundObserver.observe( lazyloadBackground );
} );
};
const events = [
'DOMContentLoaded',
'elementor/lazyload/observe',
];
events.forEach( ( event ) => {
document.addEventListener( event, lazyloadRunObserver );
} );
</script>
<script type='text/javascript'>
(function () {
var c = document.body.className;
c = c.replace(/woocommerce-no-js/, 'woocommerce-js');
document.body.className = c;
})();
</script>
<script type="text/template" id="tmpl-variation-template">
<div class="woocommerce-variation-description">{{{ data.variation.variation_description }}}</div>
<div class="woocommerce-variation-price">{{{ data.variation.price_html }}}</div>
<div class="woocommerce-variation-availability">{{{ data.variation.availability_html }}}</div>
</script>
<script type="text/template" id="tmpl-unavailable-variation-template">
<p role="alert">Sorry, this product is unavailable. Please choose a different combination.</p>
</script>
<script id="wd-update-cart-fragments-fix-js-extra">
var wd_cart_fragments_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","cart_hash_key":"wc_cart_hash_15479c8ef830bf73124f3999bdab52ae","fragment_name":"wc_fragments_15479c8ef830bf73124f3999bdab52ae","request_timeout":"5000"};
//# sourceURL=wd-update-cart-fragments-fix-js-extra
</script>
<script id="wd-update-cart-fragments-fix-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/updateCartFragmentsFix.js?ver=8.0.4"></script>
<script id="wapf-frontend-js-js-extra">
var wapf_config = {"page_type":"other"};
//# sourceURL=wapf-frontend-js-js-extra
</script>
<script id="wapf-frontend-js-js" src="https://eonhk.com/wp-content/plugins/advanced-product-fields-for-woocommerce/assets/js/frontend.min.js?ver=1.6.17"></script>
<script id="wp-hooks-js" src="https://eonhk.com/wp-includes/js/dist/hooks.min.js?ver=7496969728ca0f95732d"></script>
<script id="wp-i18n-js" src="https://eonhk.com/wp-includes/js/dist/i18n.min.js?ver=781d11515ad3d91786ec"></script>
<script id="wp-i18n-js-after">
wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } );
//# sourceURL=wp-i18n-js-after
</script>
<script id="swv-js" src="https://eonhk.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.2"></script>
<script id="contact-form-7-js-before">
var wpcf7 = {
"api": {
"root": "https:\/\/eonhk.com\/wp-json\/",
"namespace": "contact-form-7\/v1"
}
};
//# sourceURL=contact-form-7-js-before
</script>
<script id="contact-form-7-js" src="https://eonhk.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.2"></script>
<script id="chaty-front-end-js-extra">
var chaty_settings = {"ajax_url":"https://eonhk.com/wp-admin/admin-ajax.php","analytics":"0","capture_analytics":"0","token":"f731a3309c","chaty_widgets":[{"id":0,"identifier":0,"settings":{"cta_type":"simple-view","cta_body":"","cta_head":"","cta_head_bg_color":"","cta_head_text_color":"","show_close_button":1,"position":"right","custom_position":1,"bottom_spacing":"25","side_spacing":"25","icon_view":"vertical","default_state":"click","cta_text":"","cta_text_color":"#333333","cta_bg_color":"#ffffff","show_cta":"first_click","is_pending_mesg_enabled":"off","pending_mesg_count":"1","pending_mesg_count_color":"#ffffff","pending_mesg_count_bgcolor":"#dd0000","widget_icon":"chat-base","widget_icon_url":"","font_family":"-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif","widget_size":"44","custom_widget_size":"44","is_google_analytics_enabled":0,"close_text":"Hide","widget_color":"#A886CD","widget_icon_color":"#ffffff","widget_rgb_color":"168,134,205","has_custom_css":0,"custom_css":"","widget_token":"9e3ab39d76","widget_index":"","attention_effect":""},"triggers":{"has_time_delay":1,"time_delay":"0","exit_intent":0,"has_display_after_page_scroll":0,"display_after_page_scroll":"0","auto_hide_widget":0,"hide_after":0,"show_on_pages_rules":[],"time_diff":0,"has_date_scheduling_rules":0,"date_scheduling_rules":{"start_date_time":"","end_date_time":""},"date_scheduling_rules_timezone":0,"day_hours_scheduling_rules_timezone":0,"has_day_hours_scheduling_rules":[],"day_hours_scheduling_rules":[],"day_time_diff":0,"show_on_direct_visit":0,"show_on_referrer_social_network":0,"show_on_referrer_search_engines":0,"show_on_referrer_google_ads":0,"show_on_referrer_urls":[],"has_show_on_specific_referrer_urls":0,"has_traffic_source":0,"has_countries":0,"countries":[],"has_target_rules":0},"channels":[{"channel":"Whatsapp","value":"85298894137","hover_text":"","chatway_position":"","svg_icon":"\u003Csvg width=\"39\" height=\"39\" viewBox=\"0 0 39 39\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"\u003E\u003Ccircle class=\"color-element\" cx=\"19.4395\" cy=\"19.4395\" r=\"19.4395\" fill=\"#49E670\"/\u003E\u003Cpath d=\"M12.9821 10.1115C12.7029 10.7767 11.5862 11.442 10.7486 11.575C10.1902 11.7081 9.35269 11.8411 6.84003 10.7767C3.48981 9.44628 1.39593 6.25317 1.25634 6.12012C1.11674 5.85403 2.13001e-06 4.39053 2.13001e-06 2.92702C2.13001e-06 1.46351 0.83755 0.665231 1.11673 0.399139C1.39592 0.133046 1.8147 1.01506e-06 2.23348 1.01506e-06C2.37307 1.01506e-06 2.51267 1.01506e-06 2.65226 1.01506e-06C2.93144 1.01506e-06 3.21063 -2.02219e-06 3.35022 0.532183C3.62941 1.19741 4.32736 2.66092 4.32736 2.79397C4.46696 2.92702 4.46696 3.19311 4.32736 3.32616C4.18777 3.59225 4.18777 3.59224 3.90858 3.85834C3.76899 3.99138 3.6294 4.12443 3.48981 4.39052C3.35022 4.52357 3.21063 4.78966 3.35022 5.05576C3.48981 5.32185 4.18777 6.38622 5.16491 7.18449C6.42125 8.24886 7.39839 8.51496 7.81717 8.78105C8.09636 8.91409 8.37554 8.9141 8.65472 8.648C8.93391 8.38191 9.21309 7.98277 9.49228 7.58363C9.77146 7.31754 10.0507 7.1845 10.3298 7.31754C10.609 7.45059 12.2841 8.11582 12.5633 8.38191C12.8425 8.51496 13.1217 8.648 13.1217 8.78105C13.1217 8.78105 13.1217 9.44628 12.9821 10.1115Z\" transform=\"translate(12.9597 12.9597)\" fill=\"#FAFAFA\"/\u003E\u003Cpath d=\"M0.196998 23.295L0.131434 23.4862L0.323216 23.4223L5.52771 21.6875C7.4273 22.8471 9.47325 23.4274 11.6637 23.4274C18.134 23.4274 23.4274 18.134 23.4274 11.6637C23.4274 5.19344 18.134 -0.1 11.6637 -0.1C5.19344 -0.1 -0.1 5.19344 -0.1 11.6637C-0.1 13.9996 0.624492 16.3352 1.93021 18.2398L0.196998 23.295ZM5.87658 19.8847L5.84025 19.8665L5.80154 19.8788L2.78138 20.8398L3.73978 17.9646L3.75932 17.906L3.71562 17.8623L3.43104 17.5777C2.27704 15.8437 1.55796 13.8245 1.55796 11.6637C1.55796 6.03288 6.03288 1.55796 11.6637 1.55796C17.2945 1.55796 21.7695 6.03288 21.7695 11.6637C21.7695 17.2945 17.2945 21.7695 11.6637 21.7695C9.64222 21.7695 7.76778 21.1921 6.18227 20.039L6.17557 20.0342L6.16817 20.0305L5.87658 19.8847Z\" transform=\"translate(7.7758 7.77582)\" fill=\"white\" stroke=\"white\" stroke-width=\"0.2\"/\u003E\u003C/svg\u003E","is_desktop":1,"is_mobile":1,"icon_color":"#49E670","icon_rgb_color":"73,230,112","channel_type":"Whatsapp","custom_image_url":"","order":"","pre_set_message":"Hi Eon https://eonhk.com","is_use_web_version":"0","is_open_new_tab":"1","is_default_open":"0","has_welcome_message":"0","emoji_picker":"1","input_placeholder":"Write your message...","chat_welcome_message":"\u003Cp\u003EHow can I help you? :)\u003C/p\u003E","wp_popup_headline":"Let's chat on WhatsApp","wp_popup_nickname":"","wp_popup_profile":"","wp_popup_head_bg_color":"#4AA485","qr_code_image_url":"","mail_subject":"","channel_account_type":"personal","contact_form_settings":[],"contact_fields":[],"url":"https://wa.me/85298894137","mobile_target":"","desktop_target":"","target":"","is_agent":0,"agent_data":[],"header_text":"","header_sub_text":"","header_bg_color":"","header_text_color":"","widget_token":"9e3ab39d76","widget_index":"","click_event":"","viber_url":""}]}],"data_analytics_settings":"off","lang":{"whatsapp_label":"WhatsApp Message","hide_whatsapp_form":"Hide WhatsApp Form","emoji_picker":"Show Emojis"},"has_chatway":""};
//# sourceURL=chaty-front-end-js-extra
</script>
<script defer id="chaty-front-end-js" src="https://eonhk.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.4.81745577107"></script>
<script id="sourcebuster-js-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=10.1.2"></script>
<script id="wc-order-attribution-js-extra">
var wc_order_attribution = {"params":{"lifetime":1.0e-5,"session":30,"base64":false,"ajaxurl":"https://eonhk.com/wp-admin/admin-ajax.php","prefix":"wc_order_attribution_","allowTracking":true},"fields":{"source_type":"current.typ","referrer":"current_add.rf","utm_campaign":"current.cmp","utm_source":"current.src","utm_medium":"current.mdm","utm_content":"current.cnt","utm_id":"current.id","utm_term":"current.trm","utm_source_platform":"current.plt","utm_creative_format":"current.fmt","utm_marketing_tactic":"current.tct","session_entry":"current_add.ep","session_start_time":"current_add.fd","session_pages":"session.pgs","session_count":"udata.vst","user_agent":"udata.uag"}};
//# sourceURL=wc-order-attribution-js-extra
</script>
<script id="wc-order-attribution-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=10.1.2"></script>
<script id="google-recaptcha-js" src="https://www.google.com/recaptcha/api.js?render=6LfjCWUrAAAAAFP-afrMFKNZRWgZfV-1YkF0ESCf&ver=3.0"></script>
<script id="wp-polyfill-js" src="https://eonhk.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0"></script>
<script id="wpcf7-recaptcha-js-before">
var wpcf7_recaptcha = {
"sitekey": "6LfjCWUrAAAAAFP-afrMFKNZRWgZfV-1YkF0ESCf",
"actions": {
"homepage": "homepage",
"contactform": "contactform"
}
};
//# sourceURL=wpcf7-recaptcha-js-before
</script>
<script id="wpcf7-recaptcha-js" src="https://eonhk.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=6.1.2"></script>
<script id="elementor-webpack-runtime-js" src="https://eonhk.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.26.0"></script>
<script id="elementor-frontend-modules-js" src="https://eonhk.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.26.0"></script>
<script id="jquery-ui-core-js" src="https://eonhk.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3"></script>
<script id="elementor-frontend-js-before">
var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false,"isScriptDebug":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","download":"Download","downloadImage":"Download image","fullscreen":"Fullscreen","zoom":"Zoom","share":"Share","playVideo":"Play Video","previous":"Previous","next":"Next","close":"Close","a11yCarouselPrevSlideMessage":"Previous slide","a11yCarouselNextSlideMessage":"Next slide","a11yCarouselFirstSlideMessage":"This is the first slide","a11yCarouselLastSlideMessage":"This is the last slide","a11yCarouselPaginationBulletMessage":"Go to slide"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"responsive":{"breakpoints":{"mobile":{"label":"Mobile Portrait","value":767,"default_value":767,"direction":"max","is_enabled":true},"mobile_extra":{"label":"Mobile Landscape","value":880,"default_value":880,"direction":"max","is_enabled":false},"tablet":{"label":"Tablet Portrait","value":1024,"default_value":1024,"direction":"max","is_enabled":true},"tablet_extra":{"label":"Tablet Landscape","value":1200,"default_value":1200,"direction":"max","is_enabled":false},"laptop":{"label":"Laptop","value":1366,"default_value":1366,"direction":"max","is_enabled":false},"widescreen":{"label":"Widescreen","value":2400,"default_value":2400,"direction":"min","is_enabled":false}},"hasCustomBreakpoints":false},"version":"3.26.0","is_static":false,"experimentalFeatures":{"e_font_icon_svg":true,"additional_custom_breakpoints":true,"container":true,"e_swiper_latest":true,"e_nested_atomic_repeaters":true,"e_onboarding":true,"e_css_smooth_scroll":true,"home_screen":true,"nested-elements":true,"editor_v2":true,"e_element_cache":true,"link-in-bio":true,"floating-buttons":true},"urls":{"assets":"https:\/\/eonhk.com\/wp-content\/plugins\/elementor\/assets\/","ajaxurl":"https:\/\/eonhk.com\/wp-admin\/admin-ajax.php","uploadUrl":"https:\/\/eonhk.com\/wp-content\/uploads"},"nonces":{"floatingButtonsClickTracking":"443a3f5490"},"swiperClass":"swiper","settings":{"page":[],"editorPreferences":[]},"kit":{"active_breakpoints":["viewport_mobile","viewport_tablet"],"global_image_lightbox":"yes","lightbox_enable_counter":"yes","lightbox_enable_fullscreen":"yes","lightbox_enable_zoom":"yes","lightbox_enable_share":"yes","lightbox_title_src":"title","lightbox_description_src":"description"},"post":{"id":18,"title":"Home%20-%20EON%20Rental%20Limited%20-%20Event%20Furniture%20Rental%20for%20Outdoor%20Event","excerpt":"","featuredImage":false}};
var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false,"isScriptDebug":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","download":"Download","downloadImage":"Download image","fullscreen":"Fullscreen","zoom":"Zoom","share":"Share","playVideo":"Play Video","previous":"Previous","next":"Next","close":"Close","a11yCarouselPrevSlideMessage":"Previous slide","a11yCarouselNextSlideMessage":"Next slide","a11yCarouselFirstSlideMessage":"This is the first slide","a11yCarouselLastSlideMessage":"This is the last slide","a11yCarouselPaginationBulletMessage":"Go to slide"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"responsive":{"breakpoints":{"mobile":{"label":"Mobile Portrait","value":767,"default_value":767,"direction":"max","is_enabled":true},"mobile_extra":{"label":"Mobile Landscape","value":880,"default_value":880,"direction":"max","is_enabled":false},"tablet":{"label":"Tablet Portrait","value":1024,"default_value":1024,"direction":"max","is_enabled":true},"tablet_extra":{"label":"Tablet Landscape","value":1200,"default_value":1200,"direction":"max","is_enabled":false},"laptop":{"label":"Laptop","value":1366,"default_value":1366,"direction":"max","is_enabled":false},"widescreen":{"label":"Widescreen","value":2400,"default_value":2400,"direction":"min","is_enabled":false}},"hasCustomBreakpoints":false},"version":"3.26.0","is_static":false,"experimentalFeatures":{"e_font_icon_svg":true,"additional_custom_breakpoints":true,"container":true,"e_swiper_latest":true,"e_nested_atomic_repeaters":true,"e_onboarding":true,"e_css_smooth_scroll":true,"home_screen":true,"nested-elements":true,"editor_v2":true,"e_element_cache":true,"link-in-bio":true,"floating-buttons":true},"urls":{"assets":"https:\/\/eonhk.com\/wp-content\/plugins\/elementor\/assets\/","ajaxurl":"https:\/\/eonhk.com\/wp-admin\/admin-ajax.php","uploadUrl":"https:\/\/eonhk.com\/wp-content\/uploads"},"nonces":{"floatingButtonsClickTracking":"443a3f5490"},"swiperClass":"swiper","settings":{"page":[],"editorPreferences":[]},"kit":{"active_breakpoints":["viewport_mobile","viewport_tablet"],"global_image_lightbox":"yes","lightbox_enable_counter":"yes","lightbox_enable_fullscreen":"yes","lightbox_enable_zoom":"yes","lightbox_enable_share":"yes","lightbox_title_src":"title","lightbox_description_src":"description"},"post":{"id":18,"title":"Home%20-%20EON%20Rental%20Limited%20-%20Event%20Furniture%20Rental%20for%20Outdoor%20Event","excerpt":"","featuredImage":false}};
//# sourceURL=elementor-frontend-js-before
</script>
<script id="elementor-frontend-js" src="https://eonhk.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.26.0"></script>
<script id="woodmart-theme-js-extra">
var woodmart_settings = {"menu_storage_key":"woodmart_7d44664c96aa7af30fa9803158f8f5b2","ajax_dropdowns_save":"1","photoswipe_close_on_scroll":"1","woocommerce_ajax_add_to_cart":"yes","variation_gallery_storage_method":"new","elementor_no_gap":"enabled","adding_to_cart":"Processing","added_to_cart":"Product was successfully added to your cart.","continue_shopping":"Continue shopping","view_cart":"View Cart","go_to_checkout":"Checkout","loading":"Loading...","countdown_days":"days","countdown_hours":"hr","countdown_mins":"min","countdown_sec":"sc","cart_url":"https://eonhk.com/cart/","ajaxurl":"https://eonhk.com/wp-admin/admin-ajax.php","add_to_cart_action":"widget","added_popup":"no","categories_toggle":"yes","enable_popup":"no","popup_delay":"2000","popup_event":"time","popup_scroll":"1000","popup_pages":"0","promo_popup_hide_mobile":"yes","product_images_captions":"no","ajax_add_to_cart":"1","all_results":"View all results","zoom_enable":"yes","ajax_scroll":"yes","ajax_scroll_class":".wd-page-content","ajax_scroll_offset":"100","infinit_scroll_offset":"300","product_slider_auto_height":"no","price_filter_action":"click","product_slider_autoplay":"","close":"Close (Esc)","share_fb":"Share on Facebook","pin_it":"Pin it","tweet":"Share on X","download_image":"Download image","off_canvas_column_close_btn_text":"Close","cookies_version":"1","header_banner_version":"1","promo_version":"1","header_banner_close_btn":"yes","header_banner_enabled":"no","whb_header_clone":"\n \u003Cdiv class=\"whb-sticky-header whb-clone whb-main-header \u003C%wrapperClasses%\u003E\"\u003E\n \u003Cdiv class=\"\u003C%cloneClass%\u003E\"\u003E\n \u003Cdiv class=\"container\"\u003E\n \u003Cdiv class=\"whb-flex-row whb-general-header-inner\"\u003E\n \u003Cdiv class=\"whb-column whb-col-left whb-visible-lg\"\u003E\n \u003C%.site-logo%\u003E\n \u003C/div\u003E\n \u003Cdiv class=\"whb-column whb-col-center whb-visible-lg\"\u003E\n \u003C%.wd-header-main-nav%\u003E\n \u003C/div\u003E\n \u003Cdiv class=\"whb-column whb-col-right whb-visible-lg\"\u003E\n \u003C%.wd-header-my-account%\u003E\n \u003C%.wd-header-search:not(.wd-header-search-mobile)%\u003E\n \u003C%.wd-header-wishlist%\u003E\n \u003C%.wd-header-compare%\u003E\n \u003C%.wd-header-cart%\u003E\n \u003C%.wd-header-fs-nav%\u003E\n \u003C/div\u003E\n \u003C%.whb-mobile-left%\u003E\n \u003C%.whb-mobile-center%\u003E\n \u003C%.whb-mobile-right%\u003E\n \u003C/div\u003E\n \u003C/div\u003E\n \u003C/div\u003E\n \u003C/div\u003E\n","pjax_timeout":"5000","split_nav_fix":"","shop_filters_close":"no","woo_installed":"1","base_hover_mobile_click":"no","centered_gallery_start":"1","quickview_in_popup_fix":"","one_page_menu_offset":"150","hover_width_small":"1","is_multisite":"","current_blog_id":"1","swatches_scroll_top_desktop":"no","swatches_scroll_top_mobile":"no","lazy_loading_offset":"0","add_to_cart_action_timeout":"no","add_to_cart_action_timeout_number":"3","single_product_variations_price":"no","google_map_style_text":"Custom style","quick_shop":"yes","sticky_product_details_offset":"150","sticky_product_details_different":"100","preloader_delay":"300","comment_images_upload_size_text":"Some files are too large. Allowed file size is 1 MB.","comment_images_count_text":"You can upload up to 3 images to your review.","single_product_comment_images_required":"no","comment_required_images_error_text":"Image is required.","comment_images_upload_mimes_text":"You are allowed to upload images only in png, jpeg formats.","comment_images_added_count_text":"Added %s image(s)","comment_images_upload_size":"1048576","comment_images_count":"3","search_input_padding":"no","comment_images_upload_mimes":{"jpg|jpeg|jpe":"image/jpeg","png":"image/png"},"home_url":"https://eonhk.com/","shop_url":"https://eonhk.com/shop/","age_verify":"no","banner_version_cookie_expires":"60","promo_version_cookie_expires":"7","age_verify_expires":"30","countdown_timezone":"GMT","cart_redirect_after_add":"no","swatches_labels_name":"no","product_categories_placeholder":"Select a category","product_categories_no_results":"No matches found","cart_hash_key":"wc_cart_hash_15479c8ef830bf73124f3999bdab52ae","fragment_name":"wc_fragments_15479c8ef830bf73124f3999bdab52ae","photoswipe_template":"\u003Cdiv class=\"pswp\" aria-hidden=\"true\" role=\"dialog\" tabindex=\"-1\"\u003E\u003Cdiv class=\"pswp__bg\"\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__scroll-wrap\"\u003E\u003Cdiv class=\"pswp__container\"\u003E\u003Cdiv class=\"pswp__item\"\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__item\"\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__item\"\u003E\u003C/div\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__ui pswp__ui--hidden\"\u003E\u003Cdiv class=\"pswp__top-bar\"\u003E\u003Cdiv class=\"pswp__counter\"\u003E\u003C/div\u003E\u003Cbutton class=\"pswp__button pswp__button--close\" title=\"Close (Esc)\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--share\" title=\"Share\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--fs\" title=\"Toggle fullscreen\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--zoom\" title=\"Zoom in/out\"\u003E\u003C/button\u003E\u003Cdiv class=\"pswp__preloader\"\u003E\u003Cdiv class=\"pswp__preloader__icn\"\u003E\u003Cdiv class=\"pswp__preloader__cut\"\u003E\u003Cdiv class=\"pswp__preloader__donut\"\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__share-modal pswp__share-modal--hidden pswp__single-tap\"\u003E\u003Cdiv class=\"pswp__share-tooltip\"\u003E\u003C/div\u003E\u003C/div\u003E\u003Cbutton class=\"pswp__button pswp__button--arrow--left\" title=\"Previous (arrow left)\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--arrow--right\" title=\"Next (arrow right)\u003E\"\u003E\u003C/button\u003E\u003Cdiv class=\"pswp__caption\"\u003E\u003Cdiv class=\"pswp__caption__center\"\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E","load_more_button_page_url":"yes","load_more_button_page_url_opt":"yes","menu_item_hover_to_click_on_responsive":"no","clear_menu_offsets_on_resize":"yes","three_sixty_framerate":"60","three_sixty_prev_next_frames":"5","ajax_search_delay":"300","animated_counter_speed":"3000","site_width":"1222","cookie_secure_param":"1","cookie_path":"/","theme_dir":"https://eonhk.com/wp-content/themes/woodmart","slider_distortion_effect":"sliderWithNoise","current_page_builder":"elementor","collapse_footer_widgets":"yes","carousel_breakpoints":{"1025":"lg","768.98":"md","0":"sm"},"ajax_fullscreen_content":"yes","grid_gallery_control":"hover","grid_gallery_enable_arrows":"none","ajax_shop":"1","add_to_cart_text":"Add to cart","mobile_navigation_drilldown_back_to":"Back to %s","mobile_navigation_drilldown_back_to_main_menu":"Back to menu","mobile_navigation_drilldown_back_to_categories":"Back to categories","tooltip_left_selector":".wd-buttons[class*=\"wd-pos-r\"] .wd-action-btn, .wd-portfolio-btns .portfolio-enlarge","tooltip_top_selector":".wd-tooltip, .wd-buttons:not([class*=\"wd-pos-r\"]) \u003E .wd-action-btn, body:not(.catalog-mode-on):not(.login-see-prices) .wd-hover-base .wd-bottom-actions .wd-action-btn.wd-style-icon, .wd-hover-base .wd-compare-btn, body:not(.logged-in) .wd-review-likes a","ajax_links":".wd-nav-product-cat a, .wd-page-wrapper .widget_product_categories a, .widget_layered_nav_filters a, .woocommerce-widget-layered-nav a, .filters-area:not(.custom-content) a, body.post-type-archive-product:not(.woocommerce-account) .woocommerce-pagination a, body.tax-product_cat:not(.woocommerce-account) .woocommerce-pagination a, .wd-shop-tools a:not([rel=\"v:url\"]), .woodmart-woocommerce-layered-nav a, .woodmart-price-filter a, .wd-clear-filters a, .woodmart-woocommerce-sort-by a, .woocommerce-widget-layered-nav-list a, .wd-widget-stock-status a, .widget_nav_mega_menu a, .wd-products-shop-view a, .wd-products-per-page a, .category-grid-item a, .wd-cat a, body[class*=\"tax-pa_\"] .woocommerce-pagination a","wishlist_expanded":"no","wishlist_show_popup":"","wishlist_page_nonce":"514e4018c2","wishlist_fragments_nonce":"1c3490b5d0","wishlist_remove_notice":"Do you really want to remove these products?","wishlist_hash_name":"woodmart_wishlist_hash_1a7636156c1a70825864e2c7f8479b5e","wishlist_fragment_name":"woodmart_wishlist_fragments_1a7636156c1a70825864e2c7f8479b5e","wishlist_save_button_state":"no","is_criteria_enabled":"","summary_criteria_ids":"","review_likes_tooltip":"Please log in to rate reviews.","vimeo_library_url":"https://eonhk.com/wp-content/themes/woodmart/js/libs/vimeo-player.min.js","compare_by_category":"no","compare_page_nonce":"dfa7867392","compare_save_button_state":"no","reviews_criteria_rating_required":"no","is_rating_summary_filter_enabled":""};
var woodmart_page_css = {"wd-helpers-wpb-elem-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/helpers-wpb-elem.min.css","wd-widget-recent-post-comments-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css","wd-widget-wd-recent-posts-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-wd-recent-posts.min.css","wd-widget-nav-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-nav.min.css","wd-widget-wd-layered-nav-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-wd-layered-nav.min.css","wd-woo-mod-swatches-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-base.min.css","wd-woo-mod-swatches-filter-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-filter.min.css","wd-widget-product-cat-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-cat.min.css","wd-widget-product-list-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-list.min.css","wd-wpcf7-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-wpcf7.min.css","wd-revolution-slider-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css","wd-woo-paypal-payments-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-woo-paypal-payments.min.css","wd-elementor-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-elem-base.min.css","wd-woocommerce-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woocommerce-base.min.css","wd-mod-star-rating-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-star-rating.min.css","wd-woo-el-track-order-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-el-track-order.min.css","wd-woocommerce-block-notices-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-block-notices.min.css","wd-wp-blocks-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wp-blocks.min.css","wd-header-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-base.min.css","wd-mod-tools-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-tools.min.css","wd-header-elements-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-base.min.css","wd-social-icons-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-social-icons.min.css","wd-header-search-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search.min.css","wd-header-search-form-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search-form.min.css","wd-wd-search-results-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-results.min.css","wd-wd-search-form-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-form.min.css","wd-wd-search-cat-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-cat.min.css","wd-header-my-account-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-my-account.min.css","wd-header-cart-side-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart-side.min.css","wd-header-cart-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart.min.css","wd-widget-shopping-cart-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-shopping-cart.min.css","wd-header-mobile-nav-dropdown-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-mobile-nav-dropdown.min.css","wd-header-categories-nav-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-category-nav.min.css","wd-mod-nav-vertical-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical.min.css","wd-mod-nav-vertical-design-default-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical-design-default.min.css","wd-button-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-button.min.css","wd-section-title-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-section-title.min.css","wd-el-subtitle-style-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-subtitle-style.min.css","wd-categories-loop-center-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-center-old.min.css","wd-woo-categories-loop-layout-masonry-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-layout-masonry.min.css","wd-woo-categories-loop-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop.min.css","wd-categories-loop-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-old.min.css","wd-tabs-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-tabs.min.css","wd-product-tabs-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-product-tabs.min.css","wd-sticky-loader-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-sticky-loader.min.css","wd-product-loop-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop.min.css","wd-product-loop-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop-base.min.css","wd-woo-mod-add-btn-replace-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-add-btn-replace.min.css","wd-mod-more-description-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-more-description.min.css","wd-woo-mod-product-labels-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels.min.css","wd-woo-mod-product-labels-round-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels-round.min.css","wd-mfp-popup-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css","wd-swiper-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper.min.css","wd-slider-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-slider.min.css","wd-animations-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-animations-transform.min.css","wd-info-box-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-info-box.min.css","wd-swiper-arrows-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-arrows.min.css","wd-swiper-pagin-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-pagin.min.css","wd-text-block-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-text-block.min.css","wd-blog-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-base.min.css","wd-blog-loop-base-old-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-base-old.min.css","wd-blog-loop-design-masonry-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-design-masonry.min.css","wd-image-gallery-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-gallery.min.css","wd-widget-collapse-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-widget-collapse.min.css","wd-footer-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/footer-base.min.css","wd-list-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list.min.css","wd-el-list-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list-wpb-elem.min.css","wd-scroll-top-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css"};
//# sourceURL=woodmart-theme-js-extra
</script>
<script id="woodmart-theme-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=8.0.4"></script>
<script id="wd-woocommerce-notices-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=8.0.4"></script>
<script id="wd-header-builder-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=8.0.4"></script>
<script id="wd-autocomplete-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/autocomplete.min.js?ver=8.0.4"></script>
<script id="wd-ajax-search-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/ajaxSearch.min.js?ver=8.0.4"></script>
<script id="wd-simple-dropdown-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/simpleDropdown.min.js?ver=8.0.4"></script>
<script id="wd-login-dropdown-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/loginDropdown.min.js?ver=8.0.4"></script>
<script id="wd-wishlist-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/wishlist.min.js?ver=8.0.4"></script>
<script id="wd-compare-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/woodmartCompare.min.js?ver=8.0.4"></script>
<script id="wd-on-remove-from-cart-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/onRemoveFromCart.min.js?ver=8.0.4"></script>
<script id="wd-header-categories-menu-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/headerCategoriesMenu.min.js?ver=8.0.4"></script>
<script id="wd-menu-offsets-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=8.0.4"></script>
<script id="wd-menu-setup-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=8.0.4"></script>
<script id="imagesloaded-js" src="https://eonhk.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0"></script>
<script id="wd-isotope-bundle-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/isotope-bundle.min.js?ver=8.0.4"></script>
<script id="wd-shop-masonry-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/shopMasonry.min.js?ver=8.0.4"></script>
<script id="wd-products-tabs-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productsTabs.min.js?ver=8.0.4"></script>
<script id="wd-quick-shop-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/quickShop.min.js?ver=8.0.4"></script>
<script id="wd-swatches-variations-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/swatchesVariations.min.js?ver=8.0.4"></script>
<script id="wd-add-to-cart-all-types-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/addToCartAllTypes.min.js?ver=8.0.4"></script>
<script id="underscore-js" src="https://eonhk.com/wp-includes/js/underscore.min.js?ver=1.13.8"></script>
<script id="wp-util-js-extra">
var _wpUtilSettings = {"ajax":{"url":"/wp-admin/admin-ajax.php"}};
//# sourceURL=wp-util-js-extra
</script>
<script id="wp-util-js" src="https://eonhk.com/wp-includes/js/wp-util.min.js?ver=7.0"></script>
<script id="wc-add-to-cart-variation-js-extra">
var wc_add_to_cart_variation_params = {"wc_ajax_url":"/?wc-ajax=%%endpoint%%","i18n_no_matching_variations_text":"Sorry, no products matched your selection. Please choose a different combination.","i18n_make_a_selection_text":"Please select some product options before adding this product to your cart.","i18n_unavailable_text":"Sorry, this product is unavailable. Please choose a different combination.","i18n_reset_alert_text":"Your selection has been reset. Please select some product options before adding this product to your cart."};
//# sourceURL=wc-add-to-cart-variation-js-extra
</script>
<script data-wp-strategy="defer" defer id="wc-add-to-cart-variation-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=10.1.2"></script>
<script id="wd-product-hover-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productHover.min.js?ver=8.0.4"></script>
<script id="wd-product-more-description-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productMoreDescription.min.js?ver=8.0.4"></script>
<script id="wd-btns-tooltips-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/btnsToolTips.min.js?ver=8.0.4"></script>
<script id="wd-tooltips-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/tooltips.min.js?ver=8.0.4"></script>
<script id="wd-action-after-add-to-cart-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/actionAfterAddToCart.min.js?ver=8.0.4"></script>
<script id="wd-swiper-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/swiper.min.js?ver=8.0.4"></script>
<script id="wd-swiper-carousel-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/swiperInit.min.js?ver=8.0.4"></script>
<script id="wd-magnific-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=8.0.4"></script>
<script id="wd-product-images-gallery-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productImagesGallery.min.js?ver=8.0.4"></script>
<script id="wd-quick-view-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/quickView.min.js?ver=8.0.4"></script>
<script id="wd-woocommerce-quantity-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/woocommerceQuantity.min.js?ver=8.0.4"></script>
<script id="wd-slider-element-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/elements/slider.min.js?ver=8.0.4"></script>
<script id="wd-waypoints-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/waypoints.min.js?ver=8.0.4"></script>
<script id="wd-animations-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/animations.min.js?ver=8.0.4"></script>
<script id="wd-widget-collapse-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/widgetCollapse.min.js?ver=8.0.4"></script>
<script id="wd-mfp-popup-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/mfpPopup.min.js?ver=8.0.4"></script>
<script id="wd-scroll-top-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=8.0.4"></script>
<script id="wd-mobile-navigation-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=8.0.4"></script>
<script id="wd-cart-widget-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/cartWidget.min.js?ver=8.0.4"></script>
<script id="wc-cart-fragments-js-extra">
var wc_cart_fragments_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","cart_hash_key":"wc_cart_hash_15479c8ef830bf73124f3999bdab52ae","fragment_name":"wc_fragments_15479c8ef830bf73124f3999bdab52ae","request_timeout":"5000"};
//# sourceURL=wc-cart-fragments-js-extra
</script>
<script data-wp-strategy="defer" defer id="wc-cart-fragments-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=10.1.2"></script>
<script>
SR7.JSON['woodmart-main-slider'] = {"settings":{"id":"woodmart-main-slider","migrated":"sr6","uSize":[false,true,true,true,true],"title":"Main slider","alias":"main-slider","type":"standard","lazyLoad":"smart","vPort":["20%","20%","20%","20%","20%"],"size":{"fullHeightOffset":",","contentFH":true,"width":[1240,1240,1024,778,480],"height":[495,495,476,500,700],"cachedHeight":[495,495,476,500,700],"maxWidth":"","p":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]},"m":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]}},"default":{"len":"9000"},"carousel":{"type":"h","align":"center","maxV":3,"justify":false,"scale":false,"minS":50,"vScale":false,"oScale":false,"space":"0","rotation":false,"maxR":"0","varR":false,"opacity":true,"maxO":100,"varO":false,"spin":"off","spinA":0,"snap":true,"infinity":false,"skewX":0,"skewY":0,"ease":"power3.inOut","dur":"800","overshoot":false,"stretch":false,"showAllLayers":false,"jMWidth":false,"bR":"0","bRU":"px","pNV":"50px","pT":"0","pB":"0"},"pLoader":{"color":"#FFFFFF","type":"0"},"slideshow":{"sOH":true,"initDelay":"0"},"general":{"perspectiveType":"local","lazyLoad":"smart","slideshow":{"globalViewPort":"true","globalViewDist":"-200px"}},"shdw":"0","bg":{"color":{"type":"solid","orig":"#f8f8f8","string":"rgba(248, 248, 248, 1)"}},"mod":{"use":true,"dOM":true,"d3d":27.5,"t":"mouse"},"nav":{"m":{"use":false,"cd":1000},"s":{"use":true,"desk":true,"t":"50"},"p":{"w":"100","h":"50"},"arrows":{"set":true,"def":{"bg-color":{"title":"Background","type":"color","data":"#ffffff"},"size":{"title":"Size","type":"custom","data":"60"},"padding":{"title":"Padding","type":"custom","data":"10"},"arrow-color":{"title":"Arrow-Color","type":"color","data":"#000000"},"bg-hover-color":{"title":"Hover-Background","type":"color","data":"rgba(255,255,255,0.75)"}},"cst":{"padding-def":true,"padding":"3","size-def":true,"size":"45","bg-color":"#ffffff","bg-color-def":false,"arrow-color":"#000000","arrow-color-def":false,"bg-hover-color":"rgba(255,255,255,0.75)","bg-hover-color-def":false},"key":"metis","t":1011,"m":"hslide","css":".metis.sr7-arrows {\n background:##bg-color##;\n padding:##padding##px;\n transition:all 0.3s;\n -webkit-transition:all 0.3s;\n width:##size##px;\n height:##size##px;\n box-sizing:border-box;\n }\n \n .metis.sr7-arrows.sr7-touchhover {\n background:##bg-hover-color##;\n }\n \n .metis.sr7-arrows:before {\n color:##arrow-color##; \n transition:all 0.3s;\n -webkit-transition:all 0.3s;\n }\n \n .metis.sr7-arrows.sr7-touchhover:before {\n transform:scale(1.5);\n }\n ","html":"","ps":"arrow-size","on":true,"s":1000,"dIn":["#a",1000,"#a","#a","#a"],"dOut":["#a",200,"#a","#a","1200"],"show":[true,true,true,false,false],"l":{"a":"slider","anim":"fade","x":["#a","20","#a","#a","#a"],"y":["#a","0","#a","#a","#a"],"v":["#a","center","#a","#a","#a"],"h":["#a","left","#a","#a","#a"]},"r":{"a":"slider","anim":"fade","x":["#a","20","#a","#a","#a"],"y":["#a","0","#a","#a","#a"],"v":["#a","center","#a","#a","#a"],"h":["#a","right","#a","#a","#a"]}},"bullets":{"set":true,"def":{"bullet-size":{"title":"Bullet-Size","type":"custom","data":"16"},"bullet-color":{"title":"Bullet-Color","type":"color","data":"#ffffff"},"border":{"title":"Border-Thickness","type":"custom","data":"2"},"bullet-hover":{"title":"Hover-Bullet","type":"color","data":"rgba(0,0,0,0.21)"}},"cst":{"bullet-size":"16","bullet-size-def":false,"bullet-color":"#ffffff","bullet-color-def":false,"border":"2","border-def":false,"bullet-hover":"rgba(0,0,0,0.21)","bullet-hover-def":false},"key":"hermes","t":3005,"css":".hermes.sr7-bullets {\n}\n\n.hermes .sr7-bullet {\n overflow:hidden;\n border-radius:50%;\n width:##bullet-size##px;\n height:##bullet-size##px;\n background-color: rgba(0, 0, 0, 0);\n box-shadow: inset 0 0 0 ##border##px ##bullet-color##;\n -webkit-transition: background 0.3s ease;\n transition: background 0.3s ease;\n position:absolute;\n}\n\n.hermes .sr7-bullet.sr7-touchhover {\n\t background-color: ##bullet-hover##;\n}\n.hermes .sr7-bullet:after {\n content: ' ';\n position: absolute;\n bottom: 0;\n height: 0;\n left: 0;\n width: 100%;\n background-color: ##bullet-color##;\n box-shadow: 0 0 1px ##bullet-color##;\n -webkit-transition: height 0.3s ease;\n transition: height 0.3s ease;\n}\n.hermes .sr7-bullet.selected:after {\n height:100%;\n}\n","html":"","on":true,"d":["#a","horizontal","#a","#a","#a"],"ps":"arrow-size","s":1000,"dIn":["#a",1000,"#a","#a","#a"],"dOut":["#a",200,"#a","#a","1200"],"show":[true,true,true,true,true],"g":5,"a":"slider","anim":"fade","x":["#a","0","#a","#a","#a"],"y":["#a","20","#a","#a","#a"],"v":["#a","bottom","#a","#a","#a"],"h":["#a","center","#a","#a","#a"]}},"aU":[],"imgs":[{"lib_id":14064,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2026\/06\/Website-Bannar.jpg"},{"lib_id":13607,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/wwwwwww-1-02.jpg"},{"lib_id":13606,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/rwrwrw-02.jpg"},{"lib_id":13605,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/eeeee-02.jpg"},{"lib_id":13604,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/fffff-1-02.jpg"}],"codes":{"css":"","js":""},"version":"6.7.20"},"slides":{"1":{"id":1,"slide":{"addOns":[],"id":1,"version":"6.7.18","title":"Slide","parentId":null,"language":"default","order":1,"thumb":{"src":"","srcId":"","admin":"","adminId":"","dimension":"slider","default":{"color":"rgba(248, 248, 248, 1)"}},"description":"","attr":{"class":"","data":"","id":"","a":"","aO":"ml","t":"","tO":"","deepLink":"","attr":""},"publish":{"from":"","to":"","state":""},"slideshow":{"stop":false,"len":"default","hal":0,"hom":false,"hfn":false},"loop":{"u":false,"r":-1,"s":0,"e":99999}},"layers":{"6":{"fluid":{"tx":true,"tr":true,"sp":true},"id":6,"alias":"Image-6","content":{"src":"https:\/\/eonhk.com\/wp-content\/uploads\/2026\/06\/Website-Bannar.jpg","lib":"medialibrary","lib_id":14064,"size":"100% 100%"},"size":{"w":["1030px","1030px","850px","645px","397px"],"h":["515px","515px","425px","322px","198px"],"minW":["none","none","none","none","none"],"minH":["none","none","none","none","none"],"sProp":true},"pos":{"x":["297px","297px","245px","186px","114px"],"y":["auto","auto","auto","auto","auto"],"pos":"absolute","float":["none","none","none","none","none"],"clear":["none","none","none","none","none"]},"zIndex":6,"order":6,"display":["block","block","block","block","block"],"vA":"top","bg":{"color":{"orig":"transparent","type":"solid","string":"transparent"}},"attr":{"aO":"ml","tO":"ml"},"tl":{"in":{"content":{"pers":"600px","orig":{"x":"50%","y":"50%","z":"0"},"all":[{"t":0,"d":0,"f":0,"e":"power3.inOut","pE":"d","x":[0,0,0,0,0],"y":[0,0,0,0,0],"o":0,"xRe":0,"yRe":0,"off":0},{"t":0,"d":300,"f":300,"e":"power3.inOut","pE":"d","x":[0,0,0,0,0],"y":[0,0,0,0,0],"o":1,"xRe":0,"yRe":0,"off":0}]}},"out":{"content":{"pers":"600px","orig":{"x":"50%","y":"50%","z":"0"},"all":[{"t":0,"d":300,"f":300,"e":"power3.inOut","pE":"n","x":["inherit","inherit","inherit","inherit","inherit"],"y":["inherit","inherit","inherit","inherit","inherit"],"o":0,"xRe":0,"yRe":0,"off":0}]}}},"p":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]},"m":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]},"type":"image"},"7":{"rTo":"slide","id":7,"alias":"Slide BG Layer","subtype":"slidebg","size":{"cMode":"cover"},"pos":{"h":["center","center","center","center","center"],"v":["center","center","center","center","center"],"pos":"absolute"},"zIndex":0,"order":0,"display":["block","block","block","block","block"],"bg":{"color":{"type":"solid","orig":"#f8f8f8","string":"rgba(248, 248, 248, 1)"}},"tl":{"in":{"bg":{"ms":600,"rnd":false,"temp":{"t":"*opacity* Fade In","p":"fade","m":"basic","g":"fade"},"addOns":[],"in":{"o":0},"out":{"a":false}}}},"type":"shape"}}},"9":{"id":9,"slide":{"addOns":[],"id":9,"version":"6.7.20","title":"Slide","parentId":null,"language":"default","order":2,"thumb":{"src":"","srcId":"","admin":"","adminId":"","dimension":"slider","default":{"color":"rgba(248, 248, 248, 1)"}},"description":"","attr":{"class":"","data":"","id":"","a":"","aO":"ml","t":"","tO":"","deepLink":"","attr":""},"publish":{"from":"","to":"","state":""},"slideshow":{"stop":false,"len":"default","hal":0,"hom":false,"hfn":false},"loop":{"u":false,"r":-1,"s":0,"e":99999}},"layers":[]},"3":{"id":3,"slide":{"addOns":[],"id":3,"version":"6.7.18","title":"Slide","parentId":null,"language":"default","order":3,"thumb":{"src":"","srcId":"","admin":"","adminId":"","dimension":"slider","default":{"color":"rgba(248, 248, 248, 1)"}},"description":"","attr":{"class":"","data":"","id":"","a":"","aO":"ml","t":"","tO":"","deepLink":"","attr":""},"publish":{"from":"","to":"","state":""},"slideshow":{"stop":false,"len":"default","hal":0,"hom":false,"hfn":false},"loop":{"u":false,"r":-1,"s":0,"e":99999}},"layers":[]},"4":{"id":"4","slide":{"addOns":[],"id":4,"version":"6.7.18","title":"Global Layers","parentId":null,"language":"default","oflow":false,"global":true,"respVP":true,"pos":"front","fullHeight":true},"layers":[]}},"id":"1","addOns":[]};
if (SR7.F.init) SR7.F.init(); // DOUBLE CALL NOT A PROBLEM, MANAGED IN INIT
document.addEventListener('DOMContentLoaded', function() {if (SR7.F.init) SR7.F.init(); else SR7.shouldBeInited = true;});
window.addEventListener('load', function() {if (SR7.F.init) SR7.F.init(); else SR7.shouldBeInited = true; });
SR7.E.v6v7ids ??= {}
SR7.E.v6v7ids = JSON.parse('{\"n\":{\"1\":1,\"2\":2,\"3\":3,\"4\":5,\"8\":9,\"15\":18},\"s\":{\"1\":4}}');
</script>
</body>
</html>
--0b38f617-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||eonhk.com|F|2"] [data "TX:0=video/mpeg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||eonhk.com|F|2"] [data "TX:0=video/mpeg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eonhk.com"] [uri "/"] [unique_id "akT8Kva2KgOyAmlZY0uzTQAAAA4"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "eonhk.com"] [uri "/index.php"] [unique_id "akT8Kva2KgOyAmlZY0uzTQAAAA4"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/eonhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782905898882634 690767 (- - -)
Stopwatch2: 1782905898882634 690767; combined=12906, p1=417, p2=2582, p3=59, p4=9711, p5=136, sr=95, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0b38f617-Z--
--8475d850-A--
[01/Jul/2026:11:42:41.495420 +0000] akT9MR9eA2Q92AizAooB1wAAAEQ 209.50.175.235 47008 172.26.37.160 7081
--8475d850-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: contintechind.com
X-Real-IP: 209.50.175.235
X-Accel-Internal: /internal-nginx-static-location
User-Agent: Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,ar;q=0.8
Cache-Control: no-cache
Pragma: no-cache
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
--8475d850-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8475d850-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "contintechind.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akT9MR9eA2Q92AizAooB1wAAAEQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782906161493000 2497 (- - -)
Stopwatch2: 1782906161493000 2497; combined=922, p1=278, p2=591, p3=0, p4=0, p5=52, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8475d850-Z--
--54978e55-A--
[01/Jul/2026:11:48:57.562625 +0000] akT@qWqEWd-kjYG4aGjnzAAAAJY 172.68.23.164 55406 172.26.37.160 7081
--54978e55-B--
GET /wp-json/wp/v2/users HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.68.23.164
X-Forwarded-For: 167.253.18.212
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
sec-fetch-mode: navigate
sec-fetch-site: none
user-agent: Go-http-client/1.1
upgrade-insecure-requests: 1
cf-ray: a1452f40f85b765a-SEA
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, br
accept-language: en-US,en;q=0.9
cache-control: max-age=0
sec-ch-ua: "Not_A Brand";v="8", "Chromium";v="120"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: document
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 167.253.18.212
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
--54978e55-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--54978e55-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "simottodesign.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akT@qWqEWd-kjYG4aGjnzAAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782906537558799 3921 (- - -)
Stopwatch2: 1782906537558799 3921; combined=2062, p1=283, p2=1730, p3=0, p4=0, p5=48, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--54978e55-Z--
--b30d1f23-A--
[01/Jul/2026:11:51:35.556174 +0000] akT-R2qEWd-kjYG4aGjn8wAAAI4 67.211.210.99 41968 172.26.37.160 7081
--b30d1f23-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: avmhk.com
X-Real-IP: 67.211.210.99
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46QWRtaW4yMDIy
accept: application/json
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
--b30d1f23-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b30d1f23-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avmhk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akT-R2qEWd-kjYG4aGjn8wAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782906695553315 2916 (- - -)
Stopwatch2: 1782906695553315 2916; combined=862, p1=284, p2=528, p3=0, p4=0, p5=49, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b30d1f23-Z--
--e43ab748-A--
[01/Jul/2026:11:55:00.485882 +0000] akUAFGqEWd-kjYG4aGjoBgAAAIw 68.100.73.21 53348 172.26.37.160 7081
--e43ab748-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e43ab748-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e43ab748-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUAFGqEWd-kjYG4aGjoBgAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782906900481776 4168 (- - -)
Stopwatch2: 1782906900481776 4168; combined=1812, p1=332, p2=1290, p3=0, p4=0, p5=129, sr=72, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e43ab748-Z--
--6c26d50d-A--
[01/Jul/2026:11:56:38.468358 +0000] akUAdmqEWd-kjYG4aGjoJwAAAJY 68.100.73.21 59914 172.26.37.160 7081
--6c26d50d-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--6c26d50d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6c26d50d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUAdmqEWd-kjYG4aGjoJwAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782906998465496 2949 (- - -)
Stopwatch2: 1782906998465496 2949; combined=1651, p1=320, p2=1018, p3=0, p4=0, p5=191, sr=76, sw=122, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6c26d50d-Z--
--290df220-A--
[01/Jul/2026:11:56:49.330259 +0000] akUAgR9eA2Q92AizAooC6gAAAFI 68.100.73.21 47498 172.26.37.160 7081
--290df220-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--290df220-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--290df220-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUAgR9eA2Q92AizAooC6gAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782907009326187 4161 (- - -)
Stopwatch2: 1782907009326187 4161; combined=1592, p1=319, p2=1083, p3=0, p4=0, p5=121, sr=76, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--290df220-Z--
--1b296457-A--
[01/Jul/2026:11:57:54.380770 +0000] akUAwh9eA2Q92AizAooC-AAAAEU 68.100.73.21 39636 172.26.37.160 7081
--1b296457-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1b296457-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1b296457-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUAwh9eA2Q92AizAooC-AAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782907074377570 3269 (- - -)
Stopwatch2: 1782907074377570 3269; combined=1418, p1=339, p2=911, p3=0, p4=0, p5=109, sr=74, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1b296457-Z--
--2ad4545f-A--
[01/Jul/2026:11:58:49.021587 +0000] akUA@fa2KgOyAmlZY0u0YwAAAAE 68.100.73.21 34386 172.26.37.160 7081
--2ad4545f-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--2ad4545f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2ad4545f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUA@fa2KgOyAmlZY0u0YwAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782907129017739 3907 (- - -)
Stopwatch2: 1782907129017739 3907; combined=1491, p1=333, p2=957, p3=0, p4=0, p5=137, sr=87, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2ad4545f-Z--
--dabfcd1b-A--
[01/Jul/2026:11:59:43.797238 +0000] akUBLx9eA2Q92AizAooDFwAAAEs 68.100.73.21 57456 172.26.37.160 7081
--dabfcd1b-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--dabfcd1b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dabfcd1b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUBLx9eA2Q92AizAooDFwAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782907183793783 3510 (- - -)
Stopwatch2: 1782907183793783 3510; combined=2366, p1=938, p2=1267, p3=0, p4=0, p5=105, sr=74, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dabfcd1b-Z--
--d578020e-A--
[01/Jul/2026:11:59:54.644572 +0000] akUBOh9eA2Q92AizAooDHQAAAE0 68.100.73.21 60346 172.26.37.160 7081
--d578020e-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d578020e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d578020e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUBOh9eA2Q92AizAooDHQAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782907194642034 2598 (- - -)
Stopwatch2: 1782907194642034 2598; combined=1405, p1=309, p2=930, p3=0, p4=0, p5=107, sr=72, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d578020e-Z--
--1eea2b50-A--
[01/Jul/2026:12:00:49.137383 +0000] akUBcfa2KgOyAmlZY0u0pAAAAAg 68.100.73.21 39426 172.26.37.160 7081
--1eea2b50-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1eea2b50-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1eea2b50-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUBcfa2KgOyAmlZY0u0pAAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782907249133674 3794 (- - -)
Stopwatch2: 1782907249133674 3794; combined=1967, p1=351, p2=1351, p3=0, p4=0, p5=173, sr=79, sw=92, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1eea2b50-Z--
--6f56615d-A--
[01/Jul/2026:12:00:59.980828 +0000] akUBex9eA2Q92AizAooDcAAAAFQ 68.100.73.21 53408 172.26.37.160 7081
--6f56615d-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--6f56615d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6f56615d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUBex9eA2Q92AizAooDcAAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782907259977246 3655 (- - -)
Stopwatch2: 1782907259977246 3655; combined=2479, p1=977, p2=1333, p3=0, p4=0, p5=111, sr=66, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6f56615d-Z--
--04a4f848-A--
[01/Jul/2026:12:02:16.164913 +0000] akUByB9eA2Q92AizAooDtAAAAEk 68.100.73.21 53152 172.26.37.160 7081
--04a4f848-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--04a4f848-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--04a4f848-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUByB9eA2Q92AizAooDtAAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782907336161983 3022 (- - -)
Stopwatch2: 1782907336161983 3022; combined=1484, p1=319, p2=988, p3=0, p4=0, p5=115, sr=79, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--04a4f848-Z--
--1ffc4935-A--
[01/Jul/2026:12:02:26.937355 +0000] akUB0mqEWd-kjYG4aGjolwAAAJQ 68.100.73.21 35400 172.26.37.160 7081
--1ffc4935-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 726
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--1ffc4935-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1ffc4935-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUB0mqEWd-kjYG4aGjolwAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782907346934232 3216 (- - -)
Stopwatch2: 1782907346934232 3216; combined=1447, p1=325, p2=959, p3=0, p4=0, p5=106, sr=73, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1ffc4935-Z--
--04125900-A--
[01/Jul/2026:12:03:32.088388 +0000] akUCFPa2KgOyAmlZY0u0@QAAAA8 68.100.73.21 39828 172.26.37.160 7081
--04125900-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--04125900-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--04125900-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUCFPa2KgOyAmlZY0u0@QAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782907412085225 3417 (- - -)
Stopwatch2: 1782907412085225 3417; combined=1776, p1=572, p2=1025, p3=0, p4=0, p5=118, sr=79, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--04125900-Z--
--702f5852-A--
[01/Jul/2026:12:03:53.937119 +0000] akUCKfa2KgOyAmlZY0u1BAAAAAw 68.100.73.21 53738 172.26.37.160 7081
--702f5852-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--702f5852-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--702f5852-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUCKfa2KgOyAmlZY0u1BAAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782907433933726 3453 (- - -)
Stopwatch2: 1782907433933726 3453; combined=1610, p1=342, p2=1066, p3=0, p4=0, p5=140, sr=77, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--702f5852-Z--
--92332b3a-A--
[01/Jul/2026:12:04:48.709585 +0000] akUCYB9eA2Q92AizAooD8AAAAEU 68.100.73.21 48544 172.26.37.160 7081
--92332b3a-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 728
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--92332b3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--92332b3a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (3+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUCYB9eA2Q92AizAooD8AAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782907488706283 3364 (- - -)
Stopwatch2: 1782907488706283 3364; combined=1597, p1=398, p2=991, p3=0, p4=0, p5=141, sr=86, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--92332b3a-Z--
--a5919a10-A--
[01/Jul/2026:12:05:53.987049 +0000] akUCoR9eA2Q92AizAooD@QAAAEw 68.100.73.21 39044 172.26.37.160 7081
--a5919a10-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 728
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a5919a10-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a5919a10-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUCoR9eA2Q92AizAooD@QAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782907553983303 3803 (- - -)
Stopwatch2: 1782907553983303 3803; combined=1778, p1=354, p2=1207, p3=0, p4=0, p5=140, sr=84, sw=77, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a5919a10-Z--
--a3b62951-A--
[01/Jul/2026:12:06:26.726336 +0000] akUCwmqEWd-kjYG4aGjovQAAAIY 68.100.73.21 36134 172.26.37.160 7081
--a3b62951-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a3b62951-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a3b62951-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUCwmqEWd-kjYG4aGjovQAAAIY"]
Action: Intercepted (phase 2)
Stopwatch: 1782907586723048 3353 (- - -)
Stopwatch2: 1782907586723048 3353; combined=2170, p1=309, p2=1681, p3=0, p4=0, p5=118, sr=73, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a3b62951-Z--
--c2da1859-A--
[01/Jul/2026:12:06:50.051878 +0000] akUC2mqEWd-kjYG4aGjovwAAAJU 104.23.211.119 54034 172.26.37.160 7081
--c2da1859-B--
GET /?lokasie=/var/www/vhosts/simottodesign.com/.htaccess&loknya=/var/www/vhosts/simottodesign.com HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.211.119
X-Forwarded-For: 43.166.238.12
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
accept-encoding: gzip, br
accept-language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
upgrade-insecure-requests: 1
pragma: no-cache
cf-ray: a145496efedd1770-IAD
cache-control: no-cache
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 43.166.238.12
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
--c2da1859-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c2da1859-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/"] [unique_id "akUC2mqEWd-kjYG4aGjovwAAAJU"]
Action: Intercepted (phase 1)
Stopwatch: 1782907610051142 816 (- - -)
Stopwatch2: 1782907610051142 816; combined=255, p1=202, p2=0, p3=0, p4=0, p5=52, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c2da1859-Z--
--c6680222-A--
[01/Jul/2026:12:07:19.425457 +0000] akUC92qEWd-kjYG4aGjoxAAAAI0 179.43.150.26 37850 172.26.37.160 7080
--c6680222-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 179.43.150.26
accept: */*
user-agent: Mozilla/5.0
--c6680222-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--c6680222-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akUC92qEWd-kjYG4aGjoxAAAAI0"]
Action: Intercepted (phase 1)
Stopwatch: 1782907639424913 585 (- - -)
Stopwatch2: 1782907639424913 585; combined=235, p1=188, p2=0, p3=0, p4=0, p5=47, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c6680222-Z--
--a025806b-A--
[01/Jul/2026:12:07:19.721498 +0000] akUC9x9eA2Q92AizAooEDwAAAE8 179.43.150.26 37860 172.26.37.160 7080
--a025806b-B--
GET /.env.local HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 179.43.150.26
accept: */*
user-agent: Mozilla/5.0
--a025806b-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--a025806b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env.local"] [unique_id "akUC9x9eA2Q92AizAooEDwAAAE8"]
Action: Intercepted (phase 1)
Stopwatch: 1782907639720885 650 (- - -)
Stopwatch2: 1782907639720885 650; combined=232, p1=179, p2=0, p3=0, p4=0, p5=53, sr=68, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a025806b-Z--
--2a74e821-A--
[01/Jul/2026:12:07:19.824210 +0000] akUC9-a2KgOyAmlZY0u1KAAAAAk 179.43.150.26 37826 172.26.37.160 7080
--2a74e821-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 179.43.150.26
accept: */*
user-agent: Mozilla/5.0
--2a74e821-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--2a74e821-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akUC9-a2KgOyAmlZY0u1KAAAAAk"]
Action: Intercepted (phase 1)
Stopwatch: 1782907639124386 699868 (- - -)
Stopwatch2: 1782907639124386 699868; combined=1398862, p1=196, p2=0, p3=0, p4=0, p5=699356, sr=74, sw=1, l=0, gc=699309
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2a74e821-Z--
--f660eb1d-A--
[01/Jul/2026:12:07:20.015967 +0000] akUC@Pa2KgOyAmlZY0u1KQAAAAA 179.43.150.26 37868 172.26.37.160 7080
--f660eb1d-B--
GET /.env.production HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 179.43.150.26
accept: */*
user-agent: Mozilla/5.0
--f660eb1d-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--f660eb1d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env.production"] [unique_id "akUC@Pa2KgOyAmlZY0u1KQAAAAA"]
Action: Intercepted (phase 1)
Stopwatch: 1782907640015338 672 (- - -)
Stopwatch2: 1782907640015338 672; combined=269, p1=217, p2=0, p3=0, p4=0, p5=51, sr=99, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f660eb1d-Z--
--ee7d8722-A--
[01/Jul/2026:12:07:20.310487 +0000] akUC@B9eA2Q92AizAooEEAAAAFI 179.43.150.26 37874 172.26.37.160 7080
--ee7d8722-B--
GET /.env.development HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 179.43.150.26
accept: */*
user-agent: Mozilla/5.0
--ee7d8722-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--ee7d8722-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env.development"] [unique_id "akUC@B9eA2Q92AizAooEEAAAAFI"]
Action: Intercepted (phase 1)
Stopwatch: 1782907640309976 547 (- - -)
Stopwatch2: 1782907640309976 547; combined=244, p1=193, p2=0, p3=0, p4=0, p5=50, sr=80, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ee7d8722-Z--
--ac53d058-A--
[01/Jul/2026:12:07:20.604331 +0000] akUC@B9eA2Q92AizAooEEQAAAE0 179.43.150.26 37882 172.26.37.160 7080
--ac53d058-B--
GET /.env.dev HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 179.43.150.26
accept: */*
user-agent: Mozilla/5.0
--ac53d058-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--ac53d058-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env.dev"] [unique_id "akUC@B9eA2Q92AizAooEEQAAAE0"]
Action: Intercepted (phase 1)
Stopwatch: 1782907640603821 546 (- - -)
Stopwatch2: 1782907640603821 546; combined=235, p1=184, p2=0, p3=0, p4=0, p5=50, sr=76, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ac53d058-Z--
--7ba4c116-A--
[01/Jul/2026:12:07:20.899344 +0000] akUC@B9eA2Q92AizAooEEgAAAEY 179.43.150.26 37896 172.26.37.160 7080
--7ba4c116-B--
GET /.env.prod HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 179.43.150.26
accept: */*
user-agent: Mozilla/5.0
--7ba4c116-F--
HTTP/1.1 403 Forbidden
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
--7ba4c116-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env.prod"] [unique_id "akUC@B9eA2Q92AizAooEEgAAAEY"]
Action: Intercepted (phase 1)
Stopwatch: 1782907640898841 541 (- - -)
Stopwatch2: 1782907640898841 541; combined=239, p1=191, p2=0, p3=0, p4=0, p5=48, sr=73, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7ba4c116-Z--
--c9fa266e-A--
[01/Jul/2026:12:07:42.438689 +0000] akUDDh9eA2Q92AizAooEUAAAAFM 68.100.73.21 40892 172.26.37.160 7081
--c9fa266e-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c9fa266e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c9fa266e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUDDh9eA2Q92AizAooEUAAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782907662435944 2807 (- - -)
Stopwatch2: 1782907662435944 2807; combined=1579, p1=336, p2=956, p3=0, p4=0, p5=225, sr=81, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c9fa266e-Z--
--c647455a-A--
[01/Jul/2026:12:07:54.356030 +0000] akUDGh9eA2Q92AizAooEZQAAAEo 202.51.202.242 32780 172.26.37.160 7081
--c647455a-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 202.51.202.242
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://preemptivestrategies.hk/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0
--c647455a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c647455a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akUDGh9eA2Q92AizAooEZQAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782907674353211 2884 (- - -)
Stopwatch2: 1782907674353211 2884; combined=1058, p1=295, p2=707, p3=0, p4=0, p5=55, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c647455a-Z--
--f5c9b734-A--
[01/Jul/2026:12:08:05.048461 +0000] akUDJR9eA2Q92AizAooEeAAAAEk 162.158.162.254 49398 172.26.37.160 7081
--f5c9b734-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: airvenushk.com
X-Real-IP: 162.158.162.254
X-Forwarded-For: 147.93.157.123
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46cGFzcw==
accept: application/json
user-agent: Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a1454b473eb9273f-SIN
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 147.93.157.123
cf-ipcountry: SG
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f5c9b734-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f5c9b734-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akUDJR9eA2Q92AizAooEeAAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782907685044328 4208 (- - -)
Stopwatch2: 1782907685044328 4208; combined=960, p1=301, p2=600, p3=0, p4=0, p5=58, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f5c9b734-Z--
--84feba20-A--
[01/Jul/2026:12:08:15.022418 +0000] akUDL2qEWd-kjYG4aGjpTAAAAJY 68.100.73.21 51888 172.26.37.160 7081
--84feba20-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--84feba20-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--84feba20-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUDL2qEWd-kjYG4aGjpTAAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782907695019330 3148 (- - -)
Stopwatch2: 1782907695019330 3148; combined=1906, p1=758, p2=980, p3=0, p4=0, p5=108, sr=75, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--84feba20-Z--
--820e3644-A--
[01/Jul/2026:12:08:58.387862 +0000] akUDWmqEWd-kjYG4aGjp6wAAAJU 68.100.73.21 50670 172.26.37.160 7081
--820e3644-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--820e3644-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--820e3644-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUDWmqEWd-kjYG4aGjp6wAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782907738383917 4029 (- - -)
Stopwatch2: 1782907738383917 4029; combined=2586, p1=917, p2=1420, p3=0, p4=0, p5=168, sr=71, sw=81, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--820e3644-Z--
--49f8615e-A--
[01/Jul/2026:12:10:14.783319 +0000] akUDpmqEWd-kjYG4aGjqawAAAJU 68.100.73.21 46842 172.26.37.160 7081
--49f8615e-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--49f8615e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--49f8615e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUDpmqEWd-kjYG4aGjqawAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782907814779867 3508 (- - -)
Stopwatch2: 1782907814779867 3508; combined=2322, p1=310, p2=1836, p3=0, p4=0, p5=115, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--49f8615e-Z--
--2d1e990c-A--
[01/Jul/2026:12:10:36.600212 +0000] akUDvGqEWd-kjYG4aGjqbQAAAJE 68.100.73.21 39916 172.26.37.160 7081
--2d1e990c-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--2d1e990c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2d1e990c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUDvGqEWd-kjYG4aGjqbQAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782907836596512 3755 (- - -)
Stopwatch2: 1782907836596512 3755; combined=1890, p1=348, p2=1366, p3=0, p4=0, p5=115, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2d1e990c-Z--
--f9897615-A--
[01/Jul/2026:12:11:52.407573 +0000] akUECPa2KgOyAmlZY0u3KAAAAAM 68.100.73.21 51382 172.26.37.160 7081
--f9897615-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f9897615-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f9897615-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUECPa2KgOyAmlZY0u3KAAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782907912403614 4018 (- - -)
Stopwatch2: 1782907912403614 4018; combined=2554, p1=964, p2=1396, p3=0, p4=0, p5=126, sr=74, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f9897615-Z--
--b5dfc267-A--
[01/Jul/2026:12:12:03.255861 +0000] akUEE2qEWd-kjYG4aGjquwAAAJM 68.100.73.21 59538 172.26.37.160 7081
--b5dfc267-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b5dfc267-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b5dfc267-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUEE2qEWd-kjYG4aGjquwAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782907923252329 3589 (- - -)
Stopwatch2: 1782907923252329 3589; combined=2398, p1=319, p2=1891, p3=0, p4=0, p5=122, sr=77, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b5dfc267-Z--
--a3ef6430-A--
[01/Jul/2026:12:13:29.735815 +0000] akUEaWqEWd-kjYG4aGjqwgAAAJQ 68.100.73.21 36288 172.26.37.160 7081
--a3ef6430-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 724
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a3ef6430-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a3ef6430-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUEaWqEWd-kjYG4aGjqwgAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782908009732540 3336 (- - -)
Stopwatch2: 1782908009732540 3336; combined=1527, p1=349, p2=990, p3=0, p4=0, p5=122, sr=77, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a3ef6430-Z--
--d52fd971-A--
[01/Jul/2026:12:13:40.623453 +0000] akUEdHT7Mzso1vrUjBLMBAAAANQ 68.100.73.21 53520 172.26.37.160 7081
--d52fd971-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d52fd971-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d52fd971-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUEdHT7Mzso1vrUjBLMBAAAANQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782908020619759 3762 (- - -)
Stopwatch2: 1782908020619759 3762; combined=2207, p1=818, p2=1217, p3=0, p4=0, p5=113, sr=75, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d52fd971-Z--
--65c7ca55-A--
[01/Jul/2026:12:14:56.496198 +0000] akUEwPa2KgOyAmlZY0u3SAAAAA4 68.100.73.21 49292 172.26.37.160 7081
--65c7ca55-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--65c7ca55-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--65c7ca55-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUEwPa2KgOyAmlZY0u3SAAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782908096492919 3340 (- - -)
Stopwatch2: 1782908096492919 3340; combined=1752, p1=325, p2=1247, p3=0, p4=0, p5=120, sr=80, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--65c7ca55-Z--
--c4199953-A--
[01/Jul/2026:12:15:07.472666 +0000] akUEy-a2KgOyAmlZY0u3SgAAAAQ 68.100.73.21 40930 172.26.37.160 7081
--c4199953-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c4199953-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c4199953-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUEy-a2KgOyAmlZY0u3SgAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782908107468766 3981 (- - -)
Stopwatch2: 1782908107468766 3981; combined=1917, p1=333, p2=1413, p3=0, p4=0, p5=110, sr=73, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c4199953-Z--
--d7fb9022-A--
[01/Jul/2026:12:16:02.018328 +0000] akUFAmqEWd-kjYG4aGjrIAAAAIw 68.100.73.21 39698 172.26.37.160 7081
--d7fb9022-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d7fb9022-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d7fb9022-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUFAmqEWd-kjYG4aGjrIAAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782908162012250 8967 (- - -)
Stopwatch2: 1782908162012250 8967; combined=2513, p1=317, p2=1951, p3=0, p4=0, p5=163, sr=69, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d7fb9022-Z--
--c57e6013-A--
[01/Jul/2026:12:16:12.836780 +0000] akUFDBBofVMXpRCyCAsybgAAAEg 68.100.73.21 50716 172.26.37.160 7081
--c57e6013-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c57e6013-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c57e6013-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (0+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUFDBBofVMXpRCyCAsybgAAAEg"]
Action: Intercepted (phase 2)
Stopwatch: 1782908172832475 4565 (- - -)
Stopwatch2: 1782908172832475 4565; combined=1754, p1=335, p2=1248, p3=0, p4=0, p5=110, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c57e6013-Z--
--c3e91042-A--
[01/Jul/2026:12:16:14.001956 +0000] akUFDRBofVMXpRCyCAsybwAAAE0 162.158.163.94 50732 172.26.37.160 7081
--c3e91042-B--
GET /?lokasie=/var/www/vhosts/simottodesign.com/simottodesign_db.sql.gz&loknya=/var/www/vhosts/simottodesign.com HTTP/1.1
Host: simottodesign.com
X-Real-IP: 162.158.163.94
X-Forwarded-For: 43.134.23.177
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
accept-encoding: gzip, br
accept-language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
upgrade-insecure-requests: 1
pragma: no-cache
cf-ray: a1455735fd2cc887-SIN
cache-control: no-cache
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 43.134.23.177
cf-ipcountry: SG
cf-visitor: {"scheme":"https"}
--c3e91042-F--
HTTP/1.1 500 Internal Server Error
X-Powered-By: PHP/8.3.31
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "45e-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 1118
Connection: close
Content-Type: text/html
--c3e91042-H--
Message: Output filter: Response body too large (over limit of 1048576, total not specified).
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Output filter: Response body too large (over limit of 1048576, total not specified). [hostname "simottodesign.com"] [uri "/index.php"] [unique_id "akUFDRBofVMXpRCyCAsybwAAAE0"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 984] [level 3] [status 20014] AH01075: Error dispatching request to : (passing brigade to output filters)
Stopwatch: 1782908173791339 210713 (- - -)
Stopwatch2: 1782908173791339 210713; combined=2346, p1=299, p2=1898, p3=70, p4=0, p5=79, sr=83, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c3e91042-Z--
--d465ce30-A--
[01/Jul/2026:12:17:41.879519 +0000] akUFZWqEWd-kjYG4aGjrMwAAAJU 68.100.73.21 57792 172.26.37.160 7081
--d465ce30-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d465ce30-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d465ce30-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (2+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUFZWqEWd-kjYG4aGjrMwAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782908261875774 4066 (- - -)
Stopwatch2: 1782908261875774 4066; combined=2557, p1=329, p2=2056, p3=0, p4=0, p5=111, sr=71, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d465ce30-Z--
--5f4e1e4d-A--
[01/Jul/2026:12:18:47.409587 +0000] akUFp2qEWd-kjYG4aGjrOgAAAIw 68.100.73.21 46190 172.26.37.160 7081
--5f4e1e4d-B--
POST /xmlrpc.php HTTP/1.1
Host: contintechind.com
X-Real-IP: 68.100.73.21
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5f4e1e4d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 18 Oct 2022 07:12:53 GMT
ETag: "31b-5eb49d218db82"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5f4e1e4d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 68.100.73.21 (1+1 hits since last alert)|contintechind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "contintechind.com"] [uri "/xmlrpc.php"] [unique_id "akUFp2qEWd-kjYG4aGjrOgAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782908327404362 5280 (- - -)
Stopwatch2: 1782908327404362 5280; combined=3485, p1=342, p2=2963, p3=0, p4=0, p5=116, sr=76, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5f4e1e4d-Z--
--7e1ca574-A--
[01/Jul/2026:12:22:58.328649 +0000] akUGohBofVMXpRCyCAsyogAAAFA 104.23.166.189 41486 172.26.37.160 7081
--7e1ca574-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1456115dd1ef546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7e1ca574-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7e1ca574-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUGohBofVMXpRCyCAsyogAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782908578325314 3442 (- - -)
Stopwatch2: 1782908578325314 3442; combined=1799, p1=310, p2=1303, p3=0, p4=0, p5=125, sr=72, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7e1ca574-Z--
--6a08062a-A--
[01/Jul/2026:12:23:29.900569 +0000] akUGwWqEWd-kjYG4aGjragAAAIM 104.23.166.189 34826 172.26.37.160 7081
--6a08062a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14561db3b25f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6a08062a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6a08062a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUGwWqEWd-kjYG4aGjragAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782908609896645 4015 (- - -)
Stopwatch2: 1782908609896645 4015; combined=2128, p1=376, p2=1561, p3=0, p4=0, p5=125, sr=103, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6a08062a-Z--
--08b1ec7a-A--
[01/Jul/2026:12:24:43.598330 +0000] akUHCxBofVMXpRCyCAsytQAAAEA 104.23.166.189 34810 172.26.37.160 7081
--08b1ec7a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14563a7dc82f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--08b1ec7a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--08b1ec7a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUHCxBofVMXpRCyCAsytQAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782908683594353 4243 (- - -)
Stopwatch2: 1782908683594353 4243; combined=2277, p1=331, p2=1761, p3=0, p4=0, p5=123, sr=70, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--08b1ec7a-Z--
--756b0928-A--
[01/Jul/2026:12:24:54.836580 +0000] akUHFhBofVMXpRCyCAsytgAAAFc 104.23.166.189 37954 172.26.37.160 7081
--756b0928-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14563e9aadff546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--756b0928-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--756b0928-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUHFhBofVMXpRCyCAsytgAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782908694126346 710320 (- - -)
Stopwatch2: 1782908694126346 710320; combined=1412632, p1=325, p2=1169, p3=0, p4=0, p5=705601, sr=84, sw=99, l=0, gc=705438
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--756b0928-Z--
--5f15e242-A--
[01/Jul/2026:12:25:57.351813 +0000] akUHVWqEWd-kjYG4aGjrjwAAAIs 104.23.166.189 58522 172.26.37.160 7081
--5f15e242-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1456574cfe8f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5f15e242-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5f15e242-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (3+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUHVWqEWd-kjYG4aGjrjwAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782908757348078 3815 (- - -)
Stopwatch2: 1782908757348078 3815; combined=1691, p1=345, p2=1145, p3=0, p4=0, p5=125, sr=78, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5f15e242-Z--
--9082485a-A--
[01/Jul/2026:12:27:11.098548 +0000] akUHn2qEWd-kjYG4aGjrngAAAIw 104.23.166.189 52216 172.26.37.160 7081
--9082485a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1456741b808f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9082485a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9082485a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUHn2qEWd-kjYG4aGjrngAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782908831095295 3334 (- - -)
Stopwatch2: 1782908831095295 3334; combined=1742, p1=457, p2=1125, p3=0, p4=0, p5=104, sr=198, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9082485a-Z--
--fcd8390b-A--
[01/Jul/2026:12:27:21.581915 +0000] akUHqRBofVMXpRCyCAsyyQAAAFE 104.23.166.189 51980 172.26.37.160 7081
--fcd8390b-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14567833bbaf546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--fcd8390b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fcd8390b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUHqRBofVMXpRCyCAsyyQAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782908841577218 7958 (- - -)
Stopwatch2: 1782908841577218 7958; combined=1530, p1=312, p2=1029, p3=0, p4=0, p5=126, sr=68, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fcd8390b-Z--
--48bf7041-A--
[01/Jul/2026:12:28:24.734161 +0000] akUH6BBofVMXpRCyCAsy2wAAAEA 104.23.166.189 41606 172.26.37.160 7081
--48bf7041-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a145690dea45f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--48bf7041-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--48bf7041-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUH6BBofVMXpRCyCAsy2wAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782908904730280 3972 (- - -)
Stopwatch2: 1782908904730280 3972; combined=1645, p1=350, p2=1127, p3=0, p4=0, p5=111, sr=77, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--48bf7041-Z--
--f0eacd3f-A--
[01/Jul/2026:12:29:27.892841 +0000] akUIJxBofVMXpRCyCAsy4AAAAEs 104.23.166.189 39612 172.26.37.160 7081
--f0eacd3f-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1456a98a907f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f0eacd3f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f0eacd3f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUIJxBofVMXpRCyCAsy4AAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782908967889994 2956 (- - -)
Stopwatch2: 1782908967889994 2956; combined=1561, p1=325, p2=1046, p3=0, p4=0, p5=129, sr=84, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f0eacd3f-Z--
--6459c531-A--
[01/Jul/2026:12:31:13.223692 +0000] akUIkWqEWd-kjYG4aGjr6gAAAJI 104.23.166.189 59474 172.26.37.160 7081
--6459c531-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1456d2aeeccf546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6459c531-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6459c531-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUIkWqEWd-kjYG4aGjr6gAAAJI"]
Action: Intercepted (phase 2)
Stopwatch: 1782909073220476 3299 (- - -)
Stopwatch2: 1782909073220476 3299; combined=1939, p1=622, p2=1133, p3=0, p4=0, p5=119, sr=75, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6459c531-Z--
--a87ea95a-A--
[01/Jul/2026:12:32:26.912299 +0000] akUI2hBofVMXpRCyCAszMQAAAFY 104.23.166.189 49936 172.26.37.160 7081
--a87ea95a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 701
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1456ef78a96f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a87ea95a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a87ea95a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUI2hBofVMXpRCyCAszMQAAAFY"]
Action: Intercepted (phase 2)
Stopwatch: 1782909146909052 3327 (- - -)
Stopwatch2: 1782909146909052 3327; combined=1942, p1=330, p2=1434, p3=0, p4=0, p5=117, sr=87, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a87ea95a-Z--
--7d4ddb38-A--
[01/Jul/2026:12:32:37.443857 +0000] akUI5XT7Mzso1vrUjBLMxQAAANg 104.23.166.189 59836 172.26.37.160 7081
--7d4ddb38-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1456f3958daf546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7d4ddb38-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7d4ddb38-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUI5XT7Mzso1vrUjBLMxQAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782909157440390 3551 (- - -)
Stopwatch2: 1782909157440390 3551; combined=1676, p1=349, p2=1129, p3=0, p4=0, p5=131, sr=85, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7d4ddb38-Z--
--50c45936-A--
[01/Jul/2026:12:33:51.208557 +0000] akUJLxBofVMXpRCyCAszPwAAAEI 104.23.166.189 33400 172.26.37.160 7081
--50c45936-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14571066eaaf546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--50c45936-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--50c45936-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUJLxBofVMXpRCyCAszPwAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782909231205277 3382 (- - -)
Stopwatch2: 1782909231205277 3382; combined=1921, p1=299, p2=1454, p3=0, p4=0, p5=110, sr=81, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--50c45936-Z--
--c2575c24-A--
[01/Jul/2026:12:34:22.854361 +0000] akUJTmqEWd-kjYG4aGjsFgAAAIo 104.23.166.189 59696 172.26.37.160 7081
--c2575c24-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 699
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14571cc2b4af546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c2575c24-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c2575c24-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUJTmqEWd-kjYG4aGjsFgAAAIo"]
Action: Intercepted (phase 2)
Stopwatch: 1782909262850711 3766 (- - -)
Stopwatch2: 1782909262850711 3766; combined=1856, p1=347, p2=1278, p3=0, p4=0, p5=152, sr=99, sw=79, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c2575c24-Z--
--32884410-A--
[01/Jul/2026:12:35:26.026323 +0000] akUJjhBofVMXpRCyCAszTAAAAEE 104.23.166.189 33844 172.26.37.160 7081
--32884410-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1457356fa47f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--32884410-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--32884410-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUJjhBofVMXpRCyCAszTAAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782909326022941 3469 (- - -)
Stopwatch2: 1782909326022941 3469; combined=2295, p1=313, p2=1813, p3=0, p4=0, p5=112, sr=69, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--32884410-Z--
--dbd44317-A--
[01/Jul/2026:12:36:29.213663 +0000] akUJzRBofVMXpRCyCAszVAAAAEQ 104.23.166.189 59800 172.26.37.160 7081
--dbd44317-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14574e1ec30f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--dbd44317-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dbd44317-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUJzRBofVMXpRCyCAszVAAAAEQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782909389209902 3841 (- - -)
Stopwatch2: 1782909389209902 3841; combined=1572, p1=318, p2=1071, p3=0, p4=0, p5=123, sr=73, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dbd44317-Z--
--0a46f92c-A--
[01/Jul/2026:12:36:39.821029 +0000] akUJ1xBofVMXpRCyCAszVgAAAFU 104.23.166.189 51812 172.26.37.160 7081
--0a46f92c-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14575243b5cf546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0a46f92c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0a46f92c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUJ1xBofVMXpRCyCAszVgAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782909399817418 3694 (- - -)
Stopwatch2: 1782909399817418 3694; combined=2401, p1=318, p2=1859, p3=0, p4=0, p5=141, sr=76, sw=83, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0a46f92c-Z--
--28c15f0e-A--
[01/Jul/2026:12:37:42.964501 +0000] akUKFmqEWd-kjYG4aGjsNAAAAIw 104.23.166.189 36160 172.26.37.160 7081
--28c15f0e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14576aedae2f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--28c15f0e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--28c15f0e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUKFmqEWd-kjYG4aGjsNAAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782909462961265 3314 (- - -)
Stopwatch2: 1782909462961265 3314; combined=2144, p1=949, p2=1034, p3=0, p4=0, p5=104, sr=698, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--28c15f0e-Z--
--8e513504-A--
[01/Jul/2026:12:38:04.020296 +0000] akUKLBBofVMXpRCyCAszYAAAAFI 104.23.166.189 58484 172.26.37.160 7081
--8e513504-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14577327c98f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8e513504-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8e513504-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUKLBBofVMXpRCyCAszYAAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782909484016660 3721 (- - -)
Stopwatch2: 1782909484016660 3721; combined=2122, p1=815, p2=1138, p3=0, p4=0, p5=110, sr=99, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8e513504-Z--
--13548c18-A--
[01/Jul/2026:12:38:46.211396 +0000] akUKVhBofVMXpRCyCAszZgAAAEk 104.23.166.189 36200 172.26.37.160 7081
--13548c18-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a145783a2a5ff546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--13548c18-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--13548c18-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUKVhBofVMXpRCyCAszZgAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782909526207557 3924 (- - -)
Stopwatch2: 1782909526207557 3924; combined=1650, p1=366, p2=1082, p3=0, p4=0, p5=138, sr=103, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--13548c18-Z--
--07479266-A--
[01/Jul/2026:12:39:28.326563 +0000] akUKgGqEWd-kjYG4aGjsQAAAAJI 104.23.166.189 58398 172.26.37.160 7081
--07479266-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14579415977f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--07479266-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--07479266-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUKgGqEWd-kjYG4aGjsQAAAAJI"]
Action: Intercepted (phase 2)
Stopwatch: 1782909568323167 3476 (- - -)
Stopwatch2: 1782909568323167 3476; combined=2161, p1=360, p2=1598, p3=0, p4=0, p5=134, sr=78, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--07479266-Z--
--5ccce871-A--
[01/Jul/2026:12:40:52.573177 +0000] akUK1BBofVMXpRCyCAszegAAAFA 104.23.166.189 53156 172.26.37.160 7081
--5ccce871-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1457b4fec47f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5ccce871-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5ccce871-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUK1BBofVMXpRCyCAszegAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782909652569832 3424 (- - -)
Stopwatch2: 1782909652569832 3424; combined=2214, p1=338, p2=1718, p3=0, p4=0, p5=103, sr=75, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5ccce871-Z--
--33939e3d-A--
[01/Jul/2026:12:41:34.661678 +0000] akUK-hBofVMXpRCyCAszngAAAE4 104.23.166.189 60448 172.26.37.160 7081
--33939e3d-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1457c56fdf8f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--33939e3d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--33939e3d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (2+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUK-hBofVMXpRCyCAszngAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782909694657848 3937 (- - -)
Stopwatch2: 1782909694657848 3937; combined=2555, p1=318, p2=2052, p3=0, p4=0, p5=123, sr=73, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--33939e3d-Z--
--01c56411-A--
[01/Jul/2026:12:41:52.748203 +0000] akULEGqEWd-kjYG4aGjsfQAAAIw 103.151.46.103 40358 172.26.37.160 7081
--01c56411-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--01c56411-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--01c56411-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akULEGqEWd-kjYG4aGjsfQAAAIw"]
Action: Intercepted (phase 2)
Stopwatch: 1782909712745125 3140 (- - -)
Stopwatch2: 1782909712745125 3140; combined=1577, p1=336, p2=1058, p3=0, p4=0, p5=121, sr=75, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--01c56411-Z--
--1790e861-A--
[01/Jul/2026:12:42:37.864904 +0000] akULPWqEWd-kjYG4aGjsiwAAAJY 104.23.166.189 45420 172.26.37.160 7081
--1790e861-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1457de1f884f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1790e861-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1790e861-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akULPWqEWd-kjYG4aGjsiwAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782909757861624 3382 (- - -)
Stopwatch2: 1782909757861624 3382; combined=2047, p1=337, p2=1540, p3=0, p4=0, p5=112, sr=84, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1790e861-Z--
--1c71533e-A--
[01/Jul/2026:12:42:58.918798 +0000] akULUhBofVMXpRCyCAszqAAAAFI 104.23.166.189 49998 172.26.37.160 7081
--1c71533e-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1457e659ba6f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1c71533e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1c71533e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akULUhBofVMXpRCyCAszqAAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782909778915066 4549 (- - -)
Stopwatch2: 1782909778915066 4549; combined=2561, p1=322, p2=2075, p3=0, p4=0, p5=108, sr=80, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1c71533e-Z--
--8ec01d3a-A--
[01/Jul/2026:12:43:07.320975 +0000] akULW2qEWd-kjYG4aGjskQAAAI8 103.151.46.103 38690 172.26.37.160 7081
--8ec01d3a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--8ec01d3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8ec01d3a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akULW2qEWd-kjYG4aGjskQAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782909787317109 6379 (- - -)
Stopwatch2: 1782909787317109 6379; combined=1474, p1=305, p2=975, p3=0, p4=0, p5=131, sr=70, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8ec01d3a-Z--
--f601c33b-A--
[01/Jul/2026:12:43:49.772466 +0000] akULhWqEWd-kjYG4aGjsnQAAAIk 103.151.46.103 40430 172.26.37.160 7081
--f601c33b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f601c33b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f601c33b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akULhWqEWd-kjYG4aGjsnQAAAIk"]
Action: Intercepted (phase 2)
Stopwatch: 1782909829767100 7043 (- - -)
Stopwatch2: 1782909829767100 7043; combined=1610, p1=325, p2=1079, p3=0, p4=0, p5=136, sr=76, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f601c33b-Z--
--8061e663-A--
[01/Jul/2026:12:43:51.627750 +0000] akULh2qEWd-kjYG4aGjsngAAAIo 104.23.166.189 40442 172.26.37.160 7081
--8061e663-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1457faefa41f546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8061e663-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8061e663-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (0+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akULh2qEWd-kjYG4aGjsngAAAIo"]
Action: Intercepted (phase 2)
Stopwatch: 1782909831624787 3056 (- - -)
Stopwatch2: 1782909831624787 3056; combined=1768, p1=542, p2=1063, p3=0, p4=0, p5=108, sr=278, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8061e663-Z--
--c8544c61-A--
[01/Jul/2026:12:44:02.153438 +0000] akULkmqEWd-kjYG4aGjsowAAAJg 104.23.166.189 60314 172.26.37.160 7081
--c8544c61-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1457ff0c9ccf546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c8544c61-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c8544c61-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akULkmqEWd-kjYG4aGjsowAAAJg"]
Action: Intercepted (phase 2)
Stopwatch: 1782909842149123 4414 (- - -)
Stopwatch2: 1782909842149123 4414; combined=1664, p1=337, p2=1108, p3=0, p4=0, p5=143, sr=87, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c8544c61-Z--
--fa94142a-A--
[01/Jul/2026:12:45:15.856304 +0000] akUL22qEWd-kjYG4aGjsrgAAAIY 104.23.166.189 56686 172.26.37.160 7081
--fa94142a-B--
POST /xmlrpc.php HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.166.189
X-Forwarded-For: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14581bd6d7df546-AMS
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a00:1d34:6449:e200:994d:bf0:5843:4c84
cf-ipcountry: TR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--fa94142a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fa94142a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.23.166.189 (1+1 hits since last alert)|simottodesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "simottodesign.com"] [uri "/xmlrpc.php"] [unique_id "akUL22qEWd-kjYG4aGjsrgAAAIY"]
Action: Intercepted (phase 2)
Stopwatch: 1782909915853452 2932 (- - -)
Stopwatch2: 1782909915853452 2932; combined=1616, p1=349, p2=1094, p3=0, p4=0, p5=113, sr=84, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fa94142a-Z--
--403e1053-A--
[01/Jul/2026:12:45:25.409248 +0000] akUL5RBofVMXpRCyCAszwwAAAFI 103.151.46.103 50736 172.26.37.160 7081
--403e1053-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--403e1053-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--403e1053-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUL5RBofVMXpRCyCAszwwAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782909925403717 8017 (- - -)
Stopwatch2: 1782909925403717 8017; combined=1927, p1=313, p2=1443, p3=0, p4=0, p5=111, sr=68, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--403e1053-Z--
--44f7d81a-A--
[01/Jul/2026:12:46:07.839556 +0000] akUMD2qEWd-kjYG4aGjsvgAAAJY 103.151.46.103 44842 172.26.37.160 7081
--44f7d81a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--44f7d81a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--44f7d81a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUMD2qEWd-kjYG4aGjsvgAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782909967836625 2989 (- - -)
Stopwatch2: 1782909967836625 2989; combined=1511, p1=357, p2=959, p3=0, p4=0, p5=130, sr=104, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--44f7d81a-Z--
--ac308a65-A--
[01/Jul/2026:12:46:39.710836 +0000] akUMLxBofVMXpRCyCAsz2gAAAFE 103.151.46.103 42552 172.26.37.160 7081
--ac308a65-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ac308a65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ac308a65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUMLxBofVMXpRCyCAsz2gAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782909999707054 3850 (- - -)
Stopwatch2: 1782909999707054 3850; combined=2255, p1=336, p2=1723, p3=0, p4=0, p5=127, sr=78, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ac308a65-Z--
--5c1e1845-A--
[01/Jul/2026:12:47:22.340110 +0000] akUMWmqEWd-kjYG4aGjs0QAAAI0 103.151.46.103 41096 172.26.37.160 7081
--5c1e1845-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5c1e1845-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5c1e1845-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUMWmqEWd-kjYG4aGjs0QAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782910042336459 3720 (- - -)
Stopwatch2: 1782910042336459 3720; combined=1454, p1=316, p2=929, p3=0, p4=0, p5=141, sr=91, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5c1e1845-Z--
--2d2ad762-A--
[01/Jul/2026:12:47:36.114764 +0000] akUMaGqEWd-kjYG4aGjs6AAAAI0 38.180.166.165 42920 172.26.37.160 7081
--2d2ad762-B--
GET /.env HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 38.180.166.165
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--2d2ad762-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2d2ad762-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env"] [unique_id "akUMaGqEWd-kjYG4aGjs6AAAAI0"]
Action: Intercepted (phase 1)
Stopwatch: 1782910056114171 648 (- - -)
Stopwatch2: 1782910056114171 648; combined=242, p1=188, p2=0, p3=0, p4=0, p5=53, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2d2ad762-Z--
--b7e8aa2f-A--
[01/Jul/2026:12:47:38.755957 +0000] akUMahBofVMXpRCyCAsz-QAAAEQ 47.238.127.5 43028 172.26.37.160 7081
--b7e8aa2f-B--
GET /.env.local HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 47.238.127.5
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--b7e8aa2f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b7e8aa2f-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.local"] [unique_id "akUMahBofVMXpRCyCAsz-QAAAEQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782910058755394 612 (- - -)
Stopwatch2: 1782910058755394 612; combined=240, p1=189, p2=0, p3=0, p4=0, p5=51, sr=80, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b7e8aa2f-Z--
--0abedd33-A--
[01/Jul/2026:12:47:43.590594 +0000] akUMb3T7Mzso1vrUjBLNOAAAAMg 103.151.46.103 43040 172.26.37.160 7081
--0abedd33-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0abedd33-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0abedd33-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUMb3T7Mzso1vrUjBLNOAAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782910063587314 3379 (- - -)
Stopwatch2: 1782910063587314 3379; combined=2152, p1=985, p2=957, p3=0, p4=0, p5=137, sr=77, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0abedd33-Z--
--1893b43d-A--
[01/Jul/2026:12:47:44.241679 +0000] akUMcBBofVMXpRCyCAsz-gAAAFQ 47.238.127.5 41646 172.26.37.160 7081
--1893b43d-B--
GET /.env.development HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 47.238.127.5
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--1893b43d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1893b43d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.development"] [unique_id "akUMcBBofVMXpRCyCAsz-gAAAFQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782910064241047 684 (- - -)
Stopwatch2: 1782910064241047 684; combined=251, p1=201, p2=0, p3=0, p4=0, p5=49, sr=87, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1893b43d-Z--
--99fe1c29-A--
[01/Jul/2026:12:47:44.494214 +0000] akUMcGqEWd-kjYG4aGjs7gAAAIg 47.238.127.5 41658 172.26.37.160 7081
--99fe1c29-B--
GET /.env.dev HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 47.238.127.5
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--99fe1c29-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--99fe1c29-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.dev"] [unique_id "akUMcGqEWd-kjYG4aGjs7gAAAIg"]
Action: Intercepted (phase 1)
Stopwatch: 1782910064493651 612 (- - -)
Stopwatch2: 1782910064493651 612; combined=245, p1=192, p2=0, p3=0, p4=0, p5=53, sr=68, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--99fe1c29-Z--
--74aacf18-A--
[01/Jul/2026:12:47:44.988584 +0000] akUMcBBofVMXpRCyCAsz-wAAAEU 47.238.127.5 41672 172.26.37.160 7081
--74aacf18-B--
GET /.env.prod HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 47.238.127.5
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--74aacf18-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--74aacf18-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.prod"] [unique_id "akUMcBBofVMXpRCyCAsz-wAAAEU"]
Action: Intercepted (phase 1)
Stopwatch: 1782910064988037 602 (- - -)
Stopwatch2: 1782910064988037 602; combined=225, p1=176, p2=0, p3=0, p4=0, p5=48, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--74aacf18-Z--
--1a26b71f-A--
[01/Jul/2026:12:47:45.304796 +0000] akUMcRBofVMXpRCyCAs0AAAAAFE 47.238.127.5 41680 172.26.37.160 7081
--1a26b71f-B--
GET /.env.test HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 47.238.127.5
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--1a26b71f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1a26b71f-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.test"] [unique_id "akUMcRBofVMXpRCyCAs0AAAAAFE"]
Action: Intercepted (phase 1)
Stopwatch: 1782910065303807 1066 (- - -)
Stopwatch2: 1782910065303807 1066; combined=221, p1=172, p2=0, p3=0, p4=0, p5=48, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a26b71f-Z--
--eb690030-A--
[01/Jul/2026:12:47:45.588490 +0000] akUMcXT7Mzso1vrUjBLNOQAAAMY 47.238.127.5 41688 172.26.37.160 7081
--eb690030-B--
GET /.env.staging HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 47.238.127.5
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--eb690030-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--eb690030-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.staging"] [unique_id "akUMcXT7Mzso1vrUjBLNOQAAAMY"]
Action: Intercepted (phase 1)
Stopwatch: 1782910065587787 752 (- - -)
Stopwatch2: 1782910065587787 752; combined=371, p1=317, p2=0, p3=0, p4=0, p5=53, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--eb690030-Z--
--5b4ed821-A--
[01/Jul/2026:12:47:46.080627 +0000] akUMcmqEWd-kjYG4aGjs7wAAAJI 47.238.127.5 41704 172.26.37.160 7081
--5b4ed821-B--
GET /.env.backup HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 47.238.127.5
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--5b4ed821-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5b4ed821-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.backup"] [unique_id "akUMcmqEWd-kjYG4aGjs7wAAAJI"]
Action: Intercepted (phase 1)
Stopwatch: 1782910066079859 817 (- - -)
Stopwatch2: 1782910066079859 817; combined=253, p1=188, p2=0, p3=0, p4=0, p5=64, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5b4ed821-Z--
--21e9cf7d-A--
[01/Jul/2026:12:48:05.979617 +0000] akUMhWqEWd-kjYG4aGjs8wAAAII 152.42.235.126 48900 172.26.37.160 7081
--21e9cf7d-B--
GET /.env.bak HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 152.42.235.126
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--21e9cf7d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--21e9cf7d-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.bak"] [unique_id "akUMhWqEWd-kjYG4aGjs8wAAAII"]
Action: Intercepted (phase 1)
Stopwatch: 1782910085978981 685 (- - -)
Stopwatch2: 1782910085978981 685; combined=256, p1=206, p2=0, p3=0, p4=0, p5=49, sr=79, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--21e9cf7d-Z--
--24c68f4c-A--
[01/Jul/2026:12:48:18.090033 +0000] akUMkmqEWd-kjYG4aGjs-AAAAIg 143.198.85.89 39494 172.26.37.160 7081
--24c68f4c-B--
GET /.env~ HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 143.198.85.89
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--24c68f4c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--24c68f4c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env~"] [unique_id "akUMkmqEWd-kjYG4aGjs-AAAAIg"]
Action: Intercepted (phase 1)
Stopwatch: 1782910098089466 614 (- - -)
Stopwatch2: 1782910098089466 614; combined=246, p1=197, p2=0, p3=0, p4=0, p5=49, sr=86, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--24c68f4c-Z--
--ac5bb45c-A--
[01/Jul/2026:12:48:24.780785 +0000] akUMmGqEWd-kjYG4aGjtAQAAAIQ 90.156.169.29 33912 172.26.37.160 7081
--ac5bb45c-B--
GET /.env.sample HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 90.156.169.29
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--ac5bb45c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ac5bb45c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.sample"] [unique_id "akUMmGqEWd-kjYG4aGjtAQAAAIQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782910104780080 758 (- - -)
Stopwatch2: 1782910104780080 758; combined=242, p1=191, p2=0, p3=0, p4=0, p5=51, sr=70, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ac5bb45c-Z--
--db93b806-A--
[01/Jul/2026:12:48:25.115505 +0000] akUMmWqEWd-kjYG4aGjtAwAAAI4 90.156.169.29 33952 172.26.37.160 7081
--db93b806-B--
GET /.env.dist HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 90.156.169.29
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--db93b806-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--db93b806-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.dist"] [unique_id "akUMmWqEWd-kjYG4aGjtAwAAAI4"]
Action: Intercepted (phase 1)
Stopwatch: 1782910105114715 843 (- - -)
Stopwatch2: 1782910105114715 843; combined=225, p1=173, p2=0, p3=0, p4=0, p5=51, sr=63, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--db93b806-Z--
--5046ed2c-A--
[01/Jul/2026:12:48:25.449431 +0000] akUMmRBofVMXpRCyCAs0DwAAAFY 90.156.169.29 33970 172.26.37.160 7081
--5046ed2c-B--
GET /.env.template HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 90.156.169.29
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--5046ed2c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5046ed2c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.template"] [unique_id "akUMmRBofVMXpRCyCAs0DwAAAFY"]
Action: Intercepted (phase 1)
Stopwatch: 1782910105448832 655 (- - -)
Stopwatch2: 1782910105448832 655; combined=243, p1=194, p2=0, p3=0, p4=0, p5=48, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5046ed2c-Z--
--b587991c-A--
[01/Jul/2026:12:48:25.783686 +0000] akUMmWqEWd-kjYG4aGjtBQAAAJE 90.156.169.29 33986 172.26.37.160 7081
--b587991c-B--
GET /.env.production.local HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 90.156.169.29
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--b587991c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b587991c-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.production.local"] [unique_id "akUMmWqEWd-kjYG4aGjtBQAAAJE"]
Action: Intercepted (phase 1)
Stopwatch: 1782910105783096 641 (- - -)
Stopwatch2: 1782910105783096 641; combined=225, p1=174, p2=0, p3=0, p4=0, p5=50, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b587991c-Z--
--e47ee14e-A--
[01/Jul/2026:12:48:26.117003 +0000] akUMmnT7Mzso1vrUjBLNVQAAAMI 90.156.169.29 34028 172.26.37.160 7081
--e47ee14e-B--
GET /.env.development.local HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 90.156.169.29
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--e47ee14e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e47ee14e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.development.local"] [unique_id "akUMmnT7Mzso1vrUjBLNVQAAAMI"]
Action: Intercepted (phase 1)
Stopwatch: 1782910106116417 634 (- - -)
Stopwatch2: 1782910106116417 634; combined=251, p1=178, p2=0, p3=0, p4=0, p5=72, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e47ee14e-Z--
--715a730b-A--
[01/Jul/2026:12:48:26.454656 +0000] akUMmnT7Mzso1vrUjBLNVgAAANI 90.156.169.29 34050 172.26.37.160 7081
--715a730b-B--
GET /.env.test.local HTTP/1.1
Host: www.sunchongfung.com
X-Real-IP: 90.156.169.29
X-Accel-Internal: /internal-nginx-static-location
accept: */*
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
--715a730b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 07:47:20 GMT
ETag: "31b-5eb362f7b81d5"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--715a730b-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sunchongfung.com"] [uri "/.env.test.local"] [unique_id "akUMmnT7Mzso1vrUjBLNVgAAANI"]
Action: Intercepted (phase 1)
Stopwatch: 1782910106452408 3421 (- - -)
Stopwatch2: 1782910106452408 3421; combined=264, p1=191, p2=0, p3=0, p4=0, p5=72, sr=77, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--715a730b-Z--
--a1d5d373-A--
[01/Jul/2026:12:48:47.534722 +0000] akUMr2qEWd-kjYG4aGjtJQAAAI0 103.151.46.103 56858 172.26.37.160 7081
--a1d5d373-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a1d5d373-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a1d5d373-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUMr2qEWd-kjYG4aGjtJQAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782910127531754 3028 (- - -)
Stopwatch2: 1782910127531754 3028; combined=1609, p1=472, p2=948, p3=0, p4=0, p5=125, sr=74, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a1d5d373-Z--
--a4412f2b-A--
[01/Jul/2026:12:49:40.629731 +0000] akUM5GqEWd-kjYG4aGjtQwAAAIs 103.151.46.103 36820 172.26.37.160 7081
--a4412f2b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a4412f2b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a4412f2b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUM5GqEWd-kjYG4aGjtQwAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782910180625752 4042 (- - -)
Stopwatch2: 1782910180625752 4042; combined=2596, p1=923, p2=1475, p3=0, p4=0, p5=130, sr=101, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a4412f2b-Z--
--b8725453-A--
[01/Jul/2026:12:50:01.891616 +0000] akUM@RBofVMXpRCyCAs0NQAAAEc 103.151.46.103 57382 172.26.37.160 7081
--b8725453-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b8725453-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b8725453-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUM@RBofVMXpRCyCAs0NQAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782910201886072 5606 (- - -)
Stopwatch2: 1782910201886072 5606; combined=1528, p1=324, p2=996, p3=0, p4=0, p5=140, sr=82, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b8725453-Z--
--f802062b-A--
[01/Jul/2026:12:50:54.980505 +0000] akUNLmqEWd-kjYG4aGjtYgAAAIU 103.151.46.103 60580 172.26.37.160 7081
--f802062b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f802062b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f802062b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUNLmqEWd-kjYG4aGjtYgAAAIU"]
Action: Intercepted (phase 2)
Stopwatch: 1782910254976837 3726 (- - -)
Stopwatch2: 1782910254976837 3726; combined=2363, p1=329, p2=1848, p3=0, p4=0, p5=122, sr=87, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f802062b-Z--
--3f16b012-A--
[01/Jul/2026:12:51:26.820475 +0000] akUNThBofVMXpRCyCAs0XAAAAEo 103.151.46.103 49578 172.26.37.160 7081
--3f16b012-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--3f16b012-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3f16b012-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUNThBofVMXpRCyCAs0XAAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782910286816974 4509 (- - -)
Stopwatch2: 1782910286816974 4509; combined=1519, p1=333, p2=996, p3=0, p4=0, p5=123, sr=73, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3f16b012-Z--
--2625e42f-A--
[01/Jul/2026:12:51:59.363012 +0000] akUNbhBofVMXpRCyCAs0awAAAEA 103.151.46.103 35672 172.26.37.160 7081
--2625e42f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2625e42f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2625e42f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUNbhBofVMXpRCyCAs0awAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782910318656137 706964 (- - -)
Stopwatch2: 1782910318656137 706964; combined=1409014, p1=347, p2=996, p3=0, p4=0, p5=703871, sr=76, sw=64, l=0, gc=703736
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2625e42f-Z--
--abcb5c5f-A--
[01/Jul/2026:12:53:02.358789 +0000] akUNrmqEWd-kjYG4aGjtwQAAAJA 103.151.46.103 49590 172.26.37.160 7081
--abcb5c5f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--abcb5c5f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--abcb5c5f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUNrmqEWd-kjYG4aGjtwQAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782910382354583 4277 (- - -)
Stopwatch2: 1782910382354583 4277; combined=2423, p1=353, p2=1877, p3=0, p4=0, p5=129, sr=76, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--abcb5c5f-Z--
--5dce072a-A--
[01/Jul/2026:12:53:55.672806 +0000] akUN43T7Mzso1vrUjBLN@QAAANg 103.151.46.103 55830 172.26.37.160 7081
--5dce072a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5dce072a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5dce072a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUN43T7Mzso1vrUjBLN@QAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782910435669706 3161 (- - -)
Stopwatch2: 1782910435669706 3161; combined=1496, p1=349, p2=958, p3=0, p4=0, p5=126, sr=104, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5dce072a-Z--
--15c42462-A--
[01/Jul/2026:12:54:06.476262 +0000] akUN7mqEWd-kjYG4aGjt0AAAAIQ 103.151.46.103 48600 172.26.37.160 7081
--15c42462-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--15c42462-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--15c42462-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUN7mqEWd-kjYG4aGjt0AAAAIQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782910446472852 3477 (- - -)
Stopwatch2: 1782910446472852 3477; combined=1499, p1=335, p2=998, p3=0, p4=0, p5=109, sr=75, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--15c42462-Z--
--8f6ed16c-A--
[01/Jul/2026:12:54:16.487755 +0000] akUN@GqEWd-kjYG4aGjt1gAAAI8 104.23.197.86 52414 172.26.37.160 7081
--8f6ed16c-B--
GET /index.php?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fhttpdocs%2F.htaccess&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fhttpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.86
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1458ef04d721de6-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8f6ed16c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8f6ed16c-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/index.php"] [unique_id "akUN@GqEWd-kjYG4aGjt1gAAAI8"]
Action: Intercepted (phase 1)
Stopwatch: 1782910456487072 751 (- - -)
Stopwatch2: 1782910456487072 751; combined=237, p1=186, p2=0, p3=0, p4=0, p5=51, sr=65, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8f6ed16c-Z--
--31414c41-A--
[01/Jul/2026:12:55:10.721029 +0000] akUOLhBofVMXpRCyCAs0uAAAAEE 103.151.46.103 46516 172.26.37.160 7081
--31414c41-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.151.46.103
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--31414c41-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--31414c41-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.151.46.103 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUOLhBofVMXpRCyCAs0uAAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782910510716991 4105 (- - -)
Stopwatch2: 1782910510716991 4105; combined=2091, p1=317, p2=1026, p3=0, p4=0, p5=652, sr=78, sw=96, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--31414c41-Z--
--0633f540-A--
[01/Jul/2026:12:56:40.704117 +0000] akUOiHT7Mzso1vrUjBLOOwAAAMs 104.23.197.87 52872 172.26.37.160 7081
--0633f540-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2F%2F.htaccess&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2F HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1459275ab6490ce-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0633f540-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0633f540-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUOiHT7Mzso1vrUjBLOOwAAAMs"]
Action: Intercepted (phase 1)
Stopwatch: 1782910600702526 1664 (- - -)
Stopwatch2: 1782910600702526 1664; combined=253, p1=178, p2=0, p3=0, p4=0, p5=74, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0633f540-Z--
--27ec2108-A--
[01/Jul/2026:12:56:40.805616 +0000] akUOiGqEWd-kjYG4aGjuCgAAAJc 104.23.197.87 52888 172.26.37.160 7081
--27ec2108-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2F.htaccess&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14592764cc290ce-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--27ec2108-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--27ec2108-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUOiGqEWd-kjYG4aGjuCgAAAJc"]
Action: Intercepted (phase 1)
Stopwatch: 1782910600803196 2525 (- - -)
Stopwatch2: 1782910600803196 2525; combined=635, p1=581, p2=0, p3=0, p4=0, p5=53, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--27ec2108-Z--
--8d047e4a-A--
[01/Jul/2026:12:57:18.482817 +0000] akUOrBBofVMXpRCyCAs08AAAAEI 172.71.98.112 48790 172.26.37.160 7081
--8d047e4a-B--
GET /wp-content/plugins/advanced-product-fields-for-woocommerce-extended/assets/js/extended.min.js?ver=3.0.5 HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.71.98.112
X-Forwarded-For: 240e:970:4010::1a
X-Accel-Internal: /internal-nginx-static-location
sec-fetch-dest: script
referer: https://immunehk.com/zh/blog/
priority: u=2
accept-language: zh-CN,zh;q=0.9
cf-ray: a1459355fcb02383-AMS
accept-encoding: gzip, br
sec-ch-ua-platform: "Windows"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
sec-ch-ua: "Not_A Brand";v="99", "Chromium";v="142"
sec-ch-ua-mobile: ?0
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 240e:970:4010::1a
cf-ipcountry: CN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
if-none-match: "6a1d521e-17a5"
if-modified-since: Mon, 01 Jun 2026 09:34:22 GMT
--8d047e4a-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/plugins/advanced-product-fields-for-woocommerce-extended/assets/js/extended.min.js
Content-Length: 0
Content-Type: application/javascript
--8d047e4a-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "104.23.166.189_b9fdba30d7dee3e9f8827fa0570bb62cef01b5ac"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "104.23.166.189_b9fdba30d7dee3e9f8827fa0570bb62cef01b5ac"): Internal error (specific information not available) [hostname "immunehk.com"] [uri "/wp-content/plugins/advanced-product-fields-for-woocommerce-extended/assets/js/extended.min.js"] [unique_id "akUOrBBofVMXpRCyCAs08AAAAEI"]
Stopwatch: 1782910636913038 1569894 (- - -)
Stopwatch2: 1782910636913038 1569894; combined=3117911, p1=206, p2=19829, p3=29, p4=20, p5=1548943, sr=55, sw=0, l=0, gc=1548884
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8d047e4a-Z--
--88177d34-A--
[01/Jul/2026:13:08:28.125259 +0000] akURSHT7Mzso1vrUjBLPIAAAANM 14.0.236.105 36476 172.26.37.160 7081
--88177d34-B--
GET /wp-content/uploads/2026/06/3D-Printing-1-mune-430x430.jpg HTTP/1.1
Host: eonhk.com
X-Real-IP: 14.0.236.105
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua-platform: "Android"
user-agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Mobile Safari/537.36
sec-ch-ua: "Google Chrome";v="149", "Chromium";v="149", "Not)A;Brand";v="24"
sec-ch-ua-mobile: ?1
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=2, i
--88177d34-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/uploads/2026/06/3D-Printing-1-mune-430x430.jpg
Content-Length: 0
Content-Type: image/jpeg
--88177d34-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "103.133.214.160_d47c3168d956176b76cd06bf9176eaa0156cd56c"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "103.133.214.160_d47c3168d956176b76cd06bf9176eaa0156cd56c"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/uploads/2026/06/3D-Printing-1-mune-430x430.jpg"] [unique_id "akURSHT7Mzso1vrUjBLPIAAAANM"]
Stopwatch: 1782911304972577 3152790 (- - -)
Stopwatch2: 1782911304972577 3152790; combined=6287841, p1=322, p2=2428, p3=26, p4=22, p5=3142542, sr=60, sw=1, l=0, gc=3142500
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--88177d34-Z--
--28a8d576-A--
[01/Jul/2026:13:08:28.126290 +0000] akURSHT7Mzso1vrUjBLPDgAAAMY 14.0.236.105 35712 172.26.37.160 7081
--28a8d576-B--
GET /wp-content/plugins/advanced-product-fields-for-woocommerce/assets/css/frontend.min.css?ver=1.6.17 HTTP/1.1
Host: eonhk.com
X-Real-IP: 14.0.236.105
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua-platform: "Android"
user-agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Mobile Safari/537.36
sec-ch-ua: "Google Chrome";v="149", "Chromium";v="149", "Not)A;Brand";v="24"
sec-ch-ua-mobile: ?1
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=0
--28a8d576-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/plugins/advanced-product-fields-for-woocommerce/assets/css/frontend.min.css
Content-Length: 0
Content-Type: text/css
--28a8d576-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "103.133.214.160_d47c3168d956176b76cd06bf9176eaa0156cd56c"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "103.133.214.160_d47c3168d956176b76cd06bf9176eaa0156cd56c"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/plugins/advanced-product-fields-for-woocommerce/assets/css/frontend.min.css"] [unique_id "akURSHT7Mzso1vrUjBLPDgAAAMY"]
Stopwatch: 1782911304710470 3415894 (- - -)
Stopwatch2: 1782911304710470 3415894; combined=6727310, p1=42771, p2=14094, p3=21, p4=14, p5=3335218, sr=11283, sw=0, l=0, gc=3335192
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--28a8d576-Z--
--f350986e-A--
[01/Jul/2026:13:09:01.025220 +0000] akURbVOMiB2S1IlzKusbcgAAABU 185.190.132.16 46196 172.26.37.160 7081
--f350986e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f350986e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f350986e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akURbVOMiB2S1IlzKusbcgAAABU"]
Action: Intercepted (phase 2)
Stopwatch: 1782911341022474 2801 (- - -)
Stopwatch2: 1782911341022474 2801; combined=1460, p1=316, p2=969, p3=0, p4=0, p5=113, sr=74, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f350986e-Z--
--72503b6a-A--
[01/Jul/2026:13:09:32.972963 +0000] akURjFOMiB2S1IlzKusb0wAAAAM 185.190.132.16 38298 172.26.37.160 7081
--72503b6a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--72503b6a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--72503b6a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akURjFOMiB2S1IlzKusb0wAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782911372968145 5023 (- - -)
Stopwatch2: 1782911372968145 5023; combined=1505, p1=295, p2=1032, p3=0, p4=0, p5=118, sr=63, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--72503b6a-Z--
--9b9c2972-A--
[01/Jul/2026:13:10:15.736060 +0000] akURt1OMiB2S1IlzKusb8AAAAAc 185.190.132.16 55494 172.26.37.160 7081
--9b9c2972-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9b9c2972-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9b9c2972-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akURt1OMiB2S1IlzKusb8AAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782911415732896 3225 (- - -)
Stopwatch2: 1782911415732896 3225; combined=1659, p1=359, p2=1090, p3=0, p4=0, p5=142, sr=78, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9b9c2972-Z--
--30138806-A--
[01/Jul/2026:13:10:37.095939 +0000] akURzVTTjV1b4WP-kpTqZAAAAJY 185.190.132.16 36526 172.26.37.160 7081
--30138806-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--30138806-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--30138806-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akURzVTTjV1b4WP-kpTqZAAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782911437093030 2964 (- - -)
Stopwatch2: 1782911437093030 2964; combined=1925, p1=748, p2=1003, p3=0, p4=0, p5=113, sr=78, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--30138806-Z--
--2b94e53e-A--
[01/Jul/2026:13:10:37.274784 +0000] akURzVTTjV1b4WP-kpTqZQAAAJI 95.217.206.147 36532 172.26.37.160 7081
--2b94e53e-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 95.217.206.147
X-Accel-Internal: /internal-nginx-static-location
accept-encoding: gzip, deflate, br
referer: https://preemptivestrategies.hk/wp-json/wp/v2/users/me
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15
--2b94e53e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 10:01:54 GMT
ETag: "31b-5eb3810bb7533"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2b94e53e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.preemptivestrategies.hk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.preemptivestrategies.hk"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akURzVTTjV1b4WP-kpTqZQAAAJI"]
Action: Intercepted (phase 2)
Stopwatch: 1782911437272075 2759 (- - -)
Stopwatch2: 1782911437272075 2759; combined=820, p1=305, p2=463, p3=0, p4=0, p5=51, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2b94e53e-Z--
--3bc02b37-A--
[01/Jul/2026:13:11:52.172689 +0000] akUSGO78hS7eI671bASK5gAAAM8 185.190.132.16 43240 172.26.37.160 7081
--3bc02b37-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--3bc02b37-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3bc02b37-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUSGO78hS7eI671bASK5gAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782911512168321 5541 (- - -)
Stopwatch2: 1782911512168321 5541; combined=1517, p1=297, p2=1042, p3=0, p4=0, p5=116, sr=67, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3bc02b37-Z--
--a1ee3a16-A--
[01/Jul/2026:13:13:07.138084 +0000] akUSY1TTjV1b4WP-kpTqgQAAAIQ 185.190.132.16 35802 172.26.37.160 7081
--a1ee3a16-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a1ee3a16-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a1ee3a16-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUSY1TTjV1b4WP-kpTqgQAAAIQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782911587134515 3627 (- - -)
Stopwatch2: 1782911587134515 3627; combined=1946, p1=317, p2=1041, p3=0, p4=0, p5=326, sr=74, sw=262, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a1ee3a16-Z--
--4981ab30-A--
[01/Jul/2026:13:13:49.889836 +0000] akUSjVOMiB2S1IlzKuscQAAAABA 185.190.132.16 48324 172.26.37.160 7081
--4981ab30-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--4981ab30-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4981ab30-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUSjVOMiB2S1IlzKuscQAAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782911629885693 4831 (- - -)
Stopwatch2: 1782911629885693 4831; combined=2985, p1=307, p2=2495, p3=0, p4=0, p5=120, sr=71, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4981ab30-Z--
--19f8ea1a-A--
[01/Jul/2026:13:15:05.803402 +0000] akUS2VOMiB2S1IlzKuscWQAAABA 185.190.132.16 49604 172.26.37.160 7081
--19f8ea1a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--19f8ea1a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--19f8ea1a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUS2VOMiB2S1IlzKuscWQAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782911705085258 718210 (- - -)
Stopwatch2: 1782911705085258 718210; combined=1429066, p1=880, p2=3855, p3=0, p4=0, p5=712194, sr=110, sw=72, l=0, gc=712065
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--19f8ea1a-Z--
--2cf1b930-A--
[01/Jul/2026:13:15:15.840941 +0000] akUS41OMiB2S1IlzKuscXQAAAAw 185.190.132.16 33838 172.26.37.160 7081
--2cf1b930-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2cf1b930-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2cf1b930-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUS41OMiB2S1IlzKuscXQAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782911715837226 3779 (- - -)
Stopwatch2: 1782911715837226 3779; combined=1578, p1=317, p2=1069, p3=0, p4=0, p5=127, sr=71, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2cf1b930-Z--
--97a5821c-A--
[01/Jul/2026:13:16:09.387892 +0000] akUTGVOMiB2S1IlzKusccQAAAAY 185.190.132.16 57938 172.26.37.160 7081
--97a5821c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--97a5821c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--97a5821c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUTGVOMiB2S1IlzKusccQAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782911769384895 3052 (- - -)
Stopwatch2: 1782911769384895 3052; combined=2031, p1=858, p2=1007, p3=0, p4=0, p5=108, sr=616, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--97a5821c-Z--
--5badde35-A--
[01/Jul/2026:13:16:20.142578 +0000] akUTJO78hS7eI671bASLCAAAANA 185.190.132.16 53746 172.26.37.160 7081
--5badde35-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5badde35-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5badde35-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUTJO78hS7eI671bASLCAAAANA"]
Action: Intercepted (phase 2)
Stopwatch: 1782911780139649 2998 (- - -)
Stopwatch2: 1782911780139649 2998; combined=1786, p1=339, p2=1274, p3=0, p4=0, p5=112, sr=74, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5badde35-Z--
--fc575c2c-A--
[01/Jul/2026:13:17:13.773092 +0000] akUTWVOMiB2S1IlzKusdBQAAAAU 185.190.132.16 50214 172.26.37.160 7081
--fc575c2c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--fc575c2c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fc575c2c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUTWVOMiB2S1IlzKusdBQAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782911833769580 3590 (- - -)
Stopwatch2: 1782911833769580 3590; combined=2522, p1=311, p2=1941, p3=0, p4=0, p5=174, sr=75, sw=96, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fc575c2c-Z--
--29f3d54c-A--
[01/Jul/2026:13:17:35.272621 +0000] akUTb@78hS7eI671bASLkwAAAMw 185.190.132.16 48130 172.26.37.160 7081
--29f3d54c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--29f3d54c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--29f3d54c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUTb@78hS7eI671bASLkwAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782911855269707 2971 (- - -)
Stopwatch2: 1782911855269707 2971; combined=1589, p1=353, p2=1032, p3=0, p4=0, p5=136, sr=77, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--29f3d54c-Z--
--13bd8253-A--
[01/Jul/2026:13:18:18.058054 +0000] akUTmlTTjV1b4WP-kpTrXgAAAJQ 185.190.132.16 38598 172.26.37.160 7081
--13bd8253-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--13bd8253-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--13bd8253-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUTmlTTjV1b4WP-kpTrXgAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782911898055050 3069 (- - -)
Stopwatch2: 1782911898055050 3069; combined=1968, p1=364, p2=1434, p3=0, p4=0, p5=111, sr=82, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--13bd8253-Z--
--a92d8846-A--
[01/Jul/2026:13:18:39.373512 +0000] akUTr1OMiB2S1IlzKusddgAAAAo 185.190.132.16 42086 172.26.37.160 7081
--a92d8846-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a92d8846-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a92d8846-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUTr1OMiB2S1IlzKusddgAAAAo"]
Action: Intercepted (phase 2)
Stopwatch: 1782911919370308 3264 (- - -)
Stopwatch2: 1782911919370308 3264; combined=1480, p1=341, p2=954, p3=0, p4=0, p5=123, sr=76, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a92d8846-Z--
--c81faf75-A--
[01/Jul/2026:13:19:33.154884 +0000] akUT5e78hS7eI671bASLrwAAAMk 185.190.132.16 44086 172.26.37.160 7081
--c81faf75-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c81faf75-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c81faf75-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUT5e78hS7eI671bASLrwAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782911973150735 4210 (- - -)
Stopwatch2: 1782911973150735 4210; combined=1738, p1=387, p2=1150, p3=0, p4=0, p5=134, sr=69, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c81faf75-Z--
--0cc9c27d-A--
[01/Jul/2026:13:19:54.639856 +0000] akUT@lTTjV1b4WP-kpTrfQAAAJY 185.190.132.16 51572 172.26.37.160 7081
--0cc9c27d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0cc9c27d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0cc9c27d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUT@lTTjV1b4WP-kpTrfQAAAJY"]
Action: Intercepted (phase 2)
Stopwatch: 1782911994635167 4766 (- - -)
Stopwatch2: 1782911994635167 4766; combined=2621, p1=357, p2=2080, p3=0, p4=0, p5=117, sr=86, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0cc9c27d-Z--
--a3e65a35-A--
[01/Jul/2026:13:20:37.526398 +0000] akUUJVOMiB2S1IlzKusdlAAAAAE 185.190.132.16 56400 172.26.37.160 7081
--a3e65a35-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a3e65a35-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a3e65a35-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUUJVOMiB2S1IlzKusdlAAAAAE"]
Action: Intercepted (phase 2)
Stopwatch: 1782912037522978 3481 (- - -)
Stopwatch2: 1782912037522978 3481; combined=2561, p1=351, p2=1689, p3=0, p4=0, p5=289, sr=86, sw=232, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a3e65a35-Z--
--b139e465-A--
[01/Jul/2026:13:20:58.831934 +0000] akUUOlOMiB2S1IlzKusdmwAAABY 185.190.132.16 44424 172.26.37.160 7081
--b139e465-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b139e465-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b139e465-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUUOlOMiB2S1IlzKusdmwAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782912058829035 2960 (- - -)
Stopwatch2: 1782912058829035 2960; combined=1890, p1=700, p2=1020, p3=0, p4=0, p5=111, sr=77, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b139e465-Z--
--d0537a11-A--
[01/Jul/2026:13:22:03.228784 +0000] akUUe1TTjV1b4WP-kpTrkgAAAJA 185.190.132.16 43998 172.26.37.160 7081
--d0537a11-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d0537a11-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d0537a11-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUUe1TTjV1b4WP-kpTrkgAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782912123225813 3028 (- - -)
Stopwatch2: 1782912123225813 3028; combined=1580, p1=350, p2=1033, p3=0, p4=0, p5=131, sr=78, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d0537a11-Z--
--72377978-A--
[01/Jul/2026:13:22:45.910306 +0000] akUUpVTTjV1b4WP-kpTrmwAAAJc 185.190.132.16 60890 172.26.37.160 7081
--72377978-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--72377978-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--72377978-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUUpVTTjV1b4WP-kpTrmwAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782912165907276 3086 (- - -)
Stopwatch2: 1782912165907276 3086; combined=1915, p1=785, p2=943, p3=0, p4=0, p5=125, sr=537, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--72377978-Z--
--8d6cda10-A--
[01/Jul/2026:13:23:19.590509 +0000] akUUx1TTjV1b4WP-kpTroQAAAIA 104.23.203.141 38718 172.26.37.160 7081
--8d6cda10-B--
GET /.git/config HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.23.203.141
X-Forwarded-For: 2602:fa59:10:97c::1
X-Accel-Internal: /internal-nginx-static-location
x-forwarded-proto: https
cf-ray: a145b97c7b6b8f16-LAS
accept-encoding: gzip, br
user-agent: Mozilla/5.0 (X11; Linux x86_64)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2602:fa59:10:97c::1
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
--8d6cda10-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8d6cda10-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/.git/config"] [unique_id "akUUx1TTjV1b4WP-kpTroQAAAIA"]
Action: Intercepted (phase 1)
Stopwatch: 1782912199589633 1170 (- - -)
Stopwatch2: 1782912199589633 1170; combined=237, p1=181, p2=0, p3=0, p4=0, p5=55, sr=73, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8d6cda10-Z--
--d44fba32-A--
[01/Jul/2026:13:24:00.659539 +0000] akUU8FOMiB2S1IlzKusdxwAAAA4 185.190.132.16 39818 172.26.37.160 7081
--d44fba32-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d44fba32-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d44fba32-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUU8FOMiB2S1IlzKusdxwAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782912240657027 2610 (- - -)
Stopwatch2: 1782912240657027 2610; combined=1524, p1=333, p2=1028, p3=0, p4=0, p5=107, sr=76, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d44fba32-Z--
--3808e361-A--
[01/Jul/2026:13:24:11.291031 +0000] akUU@1OMiB2S1IlzKusdzwAAAAo 185.190.132.16 44436 172.26.37.160 7081
--3808e361-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--3808e361-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3808e361-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUU@1OMiB2S1IlzKusdzwAAAAo"]
Action: Intercepted (phase 2)
Stopwatch: 1782912251288216 5136 (- - -)
Stopwatch2: 1782912251288216 5136; combined=1493, p1=338, p2=974, p3=0, p4=0, p5=119, sr=72, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3808e361-Z--
--5976e61f-A--
[01/Jul/2026:13:25:15.492090 +0000] akUVO1TTjV1b4WP-kpTr0wAAAJI 185.190.132.16 43052 172.26.37.160 7081
--5976e61f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5976e61f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5976e61f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUVO1TTjV1b4WP-kpTr0wAAAJI"]
Action: Intercepted (phase 2)
Stopwatch: 1782912315489065 3082 (- - -)
Stopwatch2: 1782912315489065 3082; combined=2023, p1=359, p2=1486, p3=0, p4=0, p5=116, sr=76, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5976e61f-Z--
--68ad0a23-A--
[01/Jul/2026:13:25:58.176073 +0000] akUVZlTTjV1b4WP-kpTsGAAAAIM 185.190.132.16 43420 172.26.37.160 7081
--68ad0a23-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--68ad0a23-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--68ad0a23-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUVZlTTjV1b4WP-kpTsGAAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782912358172925 3207 (- - -)
Stopwatch2: 1782912358172925 3207; combined=2211, p1=306, p2=1741, p3=0, p4=0, p5=106, sr=70, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--68ad0a23-Z--
--e2be4c2f-A--
[01/Jul/2026:13:27:02.265290 +0000] akUVplOMiB2S1IlzKusePAAAAAA 185.190.132.16 54540 172.26.37.160 7081
--e2be4c2f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--e2be4c2f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e2be4c2f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUVplOMiB2S1IlzKusePAAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782912422262203 3143 (- - -)
Stopwatch2: 1782912422262203 3143; combined=1578, p1=349, p2=1045, p3=0, p4=0, p5=121, sr=79, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e2be4c2f-Z--
--7eb27124-A--
[01/Jul/2026:13:27:23.708674 +0000] akUVu1TTjV1b4WP-kpTsRgAAAIo 185.190.132.16 49148 172.26.37.160 7081
--7eb27124-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--7eb27124-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7eb27124-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUVu1TTjV1b4WP-kpTsRgAAAIo"]
Action: Intercepted (phase 2)
Stopwatch: 1782912443705617 3136 (- - -)
Stopwatch2: 1782912443705617 3136; combined=1674, p1=326, p2=1187, p3=0, p4=0, p5=104, sr=80, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7eb27124-Z--
--addc875c-A--
[01/Jul/2026:13:28:27.692127 +0000] akUV@@78hS7eI671bASMWAAAAMY 185.190.132.16 34420 172.26.37.160 7081
--addc875c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 700
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--addc875c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--addc875c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUV@@78hS7eI671bASMWAAAAMY"]
Action: Intercepted (phase 2)
Stopwatch: 1782912507689025 3157 (- - -)
Stopwatch2: 1782912507689025 3157; combined=2156, p1=356, p2=1634, p3=0, p4=0, p5=107, sr=75, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--addc875c-Z--
--090cae03-A--
[01/Jul/2026:13:28:59.714551 +0000] akUWG1TTjV1b4WP-kpTsYQAAAIY 185.190.132.16 36540 172.26.37.160 7081
--090cae03-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--090cae03-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--090cae03-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUWG1TTjV1b4WP-kpTsYQAAAIY"]
Action: Intercepted (phase 2)
Stopwatch: 1782912539711740 2890 (- - -)
Stopwatch2: 1782912539711740 2890; combined=1450, p1=310, p2=955, p3=0, p4=0, p5=122, sr=73, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--090cae03-Z--
--d9457177-A--
[01/Jul/2026:13:29:42.691466 +0000] akUWRlOMiB2S1IlzKusedgAAABA 185.190.132.16 51254 172.26.37.160 7081
--d9457177-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--d9457177-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d9457177-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUWRlOMiB2S1IlzKusedgAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782912582688999 2522 (- - -)
Stopwatch2: 1782912582688999 2522; combined=1526, p1=342, p2=1017, p3=0, p4=0, p5=109, sr=77, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d9457177-Z--
--1fc9204f-A--
[01/Jul/2026:13:30:46.858932 +0000] akUWhlOMiB2S1IlzKuseiAAAAAU 185.190.132.16 38676 172.26.37.160 7081
--1fc9204f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--1fc9204f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1fc9204f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUWhlOMiB2S1IlzKuseiAAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782912646855197 3791 (- - -)
Stopwatch2: 1782912646855197 3791; combined=1559, p1=340, p2=1016, p3=0, p4=0, p5=138, sr=75, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1fc9204f-Z--
--7d18c12c-A--
[01/Jul/2026:13:31:08.307538 +0000] akUWnO78hS7eI671bASMZwAAANI 185.190.132.16 48868 172.26.37.160 7081
--7d18c12c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--7d18c12c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7d18c12c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUWnO78hS7eI671bASMZwAAANI"]
Action: Intercepted (phase 2)
Stopwatch: 1782912668303276 4318 (- - -)
Stopwatch2: 1782912668303276 4318; combined=2386, p1=371, p2=1805, p3=0, p4=0, p5=137, sr=96, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7d18c12c-Z--
--bec8c552-A--
[01/Jul/2026:13:32:01.682611 +0000] akUW0e78hS7eI671bASMbQAAANE 185.190.132.16 36316 172.26.37.160 7081
--bec8c552-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--bec8c552-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bec8c552-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUW0e78hS7eI671bASMbQAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782912721678963 3710 (- - -)
Stopwatch2: 1782912721678963 3710; combined=2048, p1=366, p2=1489, p3=0, p4=0, p5=126, sr=73, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bec8c552-Z--
--f9b8036d-A--
[01/Jul/2026:13:32:12.380507 +0000] akUW3FTTjV1b4WP-kpTsigAAAJE 185.190.132.16 44900 172.26.37.160 7081
--f9b8036d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f9b8036d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f9b8036d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUW3FTTjV1b4WP-kpTsigAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782912732377124 3441 (- - -)
Stopwatch2: 1782912732377124 3441; combined=1837, p1=368, p2=1266, p3=0, p4=0, p5=137, sr=90, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f9b8036d-Z--
--d4067d34-A--
[01/Jul/2026:13:33:16.906220 +0000] akUXHFTTjV1b4WP-kpTsmgAAAJA 185.190.132.16 39916 172.26.37.160 7081
--d4067d34-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 185.190.132.16
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d4067d34-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d4067d34-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.16 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUXHFTTjV1b4WP-kpTsmgAAAJA"]
Action: Intercepted (phase 2)
Stopwatch: 1782912796902553 3724 (- - -)
Stopwatch2: 1782912796902553 3724; combined=2499, p1=336, p2=1972, p3=0, p4=0, p5=129, sr=81, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d4067d34-Z--
--a4237a5d-A--
[01/Jul/2026:13:35:06.442610 +0000] akUXilTTjV1b4WP-kpTs4gAAAJM 102.110.8.12 58932 172.26.37.160 7081
--a4237a5d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--a4237a5d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a4237a5d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUXilTTjV1b4WP-kpTs4gAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782912906439600 3105 (- - -)
Stopwatch2: 1782912906439600 3105; combined=1874, p1=337, p2=1370, p3=0, p4=0, p5=109, sr=82, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a4237a5d-Z--
--4cbfd938-A--
[01/Jul/2026:13:35:38.387094 +0000] akUXqlOMiB2S1IlzKusfAgAAAAI 102.110.8.12 42660 172.26.37.160 7081
--4cbfd938-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--4cbfd938-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4cbfd938-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUXqlOMiB2S1IlzKusfAgAAAAI"]
Action: Intercepted (phase 2)
Stopwatch: 1782912938384254 2929 (- - -)
Stopwatch2: 1782912938384254 2929; combined=1494, p1=343, p2=976, p3=0, p4=0, p5=117, sr=74, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4cbfd938-Z--
--84469365-A--
[01/Jul/2026:13:36:20.917169 +0000] akUX1FTTjV1b4WP-kpTs8QAAAJE 102.110.8.12 39820 172.26.37.160 7081
--84469365-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--84469365-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--84469365-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUX1FTTjV1b4WP-kpTs8QAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782912980914128 3106 (- - -)
Stopwatch2: 1782912980914128 3106; combined=1497, p1=322, p2=974, p3=0, p4=0, p5=135, sr=78, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--84469365-Z--
--cf214921-A--
[01/Jul/2026:13:37:24.569920 +0000] akUYFFOMiB2S1IlzKusfIAAAAA8 102.110.8.12 55048 172.26.37.160 7081
--cf214921-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--cf214921-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cf214921-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUYFFOMiB2S1IlzKusfIAAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782913044562830 8270 (- - -)
Stopwatch2: 1782913044562830 8270; combined=2419, p1=983, p2=1241, p3=0, p4=0, p5=130, sr=552, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cf214921-Z--
--7927d40f-A--
[01/Jul/2026:13:38:28.159004 +0000] akUYVFOMiB2S1IlzKusfPwAAABQ 102.110.8.12 33572 172.26.37.160 7081
--7927d40f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--7927d40f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7927d40f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUYVFOMiB2S1IlzKusfPwAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782913108155507 3558 (- - -)
Stopwatch2: 1782913108155507 3558; combined=2127, p1=321, p2=1605, p3=0, p4=0, p5=132, sr=78, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7927d40f-Z--
--50da4305-A--
[01/Jul/2026:13:38:38.754872 +0000] akUYXlOMiB2S1IlzKusfQgAAAA0 102.110.8.12 45952 172.26.37.160 7081
--50da4305-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--50da4305-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--50da4305-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUYXlOMiB2S1IlzKusfQgAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782913118751511 3417 (- - -)
Stopwatch2: 1782913118751511 3417; combined=1556, p1=357, p2=1006, p3=0, p4=0, p5=127, sr=96, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--50da4305-Z--
--d690ea65-A--
[01/Jul/2026:13:38:49.434267 +0000] akUYaVOMiB2S1IlzKusfRgAAABA 2.50.175.79 59104 172.26.37.160 7081
--d690ea65-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d690ea65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d690ea65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUYaVOMiB2S1IlzKusfRgAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782913129429553 5720 (- - -)
Stopwatch2: 1782913129429553 5720; combined=2566, p1=311, p2=2057, p3=0, p4=0, p5=135, sr=66, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d690ea65-Z--
--fccac674-A--
[01/Jul/2026:13:39:42.444710 +0000] akUYnlOMiB2S1IlzKusffwAAAAk 102.110.8.12 43390 172.26.37.160 7081
--fccac674-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--fccac674-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fccac674-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUYnlOMiB2S1IlzKusffwAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782913182441369 3425 (- - -)
Stopwatch2: 1782913182441369 3425; combined=1616, p1=349, p2=1029, p3=0, p4=0, p5=159, sr=83, sw=79, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fccac674-Z--
--21896a27-A--
[01/Jul/2026:13:40:14.230318 +0000] akUYvlTTjV1b4WP-kpTtSgAAAIU 2.50.175.79 52374 172.26.37.160 7081
--21896a27-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 700
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--21896a27-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--21896a27-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUYvlTTjV1b4WP-kpTtSgAAAIU"]
Action: Intercepted (phase 2)
Stopwatch: 1782913214227108 3267 (- - -)
Stopwatch2: 1782913214227108 3267; combined=1573, p1=337, p2=1045, p3=0, p4=0, p5=125, sr=72, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--21896a27-Z--
--24d20a5c-A--
[01/Jul/2026:13:40:35.448387 +0000] akUY0@78hS7eI671bASNAwAAAMQ 102.110.8.12 33544 172.26.37.160 7081
--24d20a5c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--24d20a5c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--24d20a5c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUY0@78hS7eI671bASNAwAAAMQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782913235444795 3663 (- - -)
Stopwatch2: 1782913235444795 3663; combined=2853, p1=338, p2=1481, p3=0, p4=0, p5=542, sr=71, sw=492, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--24d20a5c-Z--
--ccd07e32-A--
[01/Jul/2026:13:41:17.542509 +0000] akUY-VOMiB2S1IlzKusfowAAAAY 2.50.175.79 50032 172.26.37.160 7081
--ccd07e32-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ccd07e32-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ccd07e32-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUY-VOMiB2S1IlzKusfowAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782913277538979 3587 (- - -)
Stopwatch2: 1782913277538979 3587; combined=2036, p1=871, p2=981, p3=0, p4=0, p5=122, sr=75, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ccd07e32-Z--
--4882342b-A--
[01/Jul/2026:13:41:28.807895 +0000] akUZCFTTjV1b4WP-kpTtXgAAAI8 102.110.8.12 53018 172.26.37.160 7081
--4882342b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--4882342b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4882342b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZCFTTjV1b4WP-kpTtXgAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782913288804572 3844 (- - -)
Stopwatch2: 1782913288804572 3844; combined=1527, p1=374, p2=984, p3=0, p4=0, p5=111, sr=74, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4882342b-Z--
--59cdb552-A--
[01/Jul/2026:13:41:59.967907 +0000] akUZJ1OMiB2S1IlzKusfrgAAAAA 2.50.175.79 43042 172.26.37.160 7081
--59cdb552-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--59cdb552-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--59cdb552-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZJ1OMiB2S1IlzKusfrgAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782913319964415 4150 (- - -)
Stopwatch2: 1782913319964415 4150; combined=1575, p1=340, p2=1059, p3=0, p4=0, p5=114, sr=77, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--59cdb552-Z--
--37a71c3b-A--
[01/Jul/2026:13:42:11.317954 +0000] akUZM1OMiB2S1IlzKusfsgAAABg 102.110.8.12 37202 172.26.37.160 7081
--37a71c3b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--37a71c3b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--37a71c3b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZM1OMiB2S1IlzKusfsgAAABg"]
Action: Intercepted (phase 2)
Stopwatch: 1782913331314472 3568 (- - -)
Stopwatch2: 1782913331314472 3568; combined=2330, p1=331, p2=1836, p3=0, p4=0, p5=107, sr=94, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--37a71c3b-Z--
--df08e61a-A--
[01/Jul/2026:13:42:21.053257 +0000] akUZPVTTjV1b4WP-kpTtbwAAAI4 2.50.175.79 55266 172.26.37.160 7081
--df08e61a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--df08e61a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--df08e61a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZPVTTjV1b4WP-kpTtbwAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782913341050442 2888 (- - -)
Stopwatch2: 1782913341050442 2888; combined=1549, p1=359, p2=967, p3=0, p4=0, p5=138, sr=91, sw=85, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--df08e61a-Z--
--e286ab0d-A--
[01/Jul/2026:13:42:21.706917 +0000] akUZPVOMiB2S1IlzKusfuAAAAA8 104.22.1.16 55292 172.26.37.160 7081
--e286ab0d-B--
GET /items/R473705438/?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.1.16
X-Forwarded-For: 2a03:2880:f806:a::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a145d560eb3c0d63-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:a::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--e286ab0d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e286ab0d-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/items/R473705438/"] [unique_id "akUZPVOMiB2S1IlzKusfuAAAAA8"]
Action: Intercepted (phase 1)
Stopwatch: 1782913341705471 1581 (- - -)
Stopwatch2: 1782913341705471 1581; combined=310, p1=233, p2=0, p3=0, p4=0, p5=76, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e286ab0d-Z--
--6527b64d-A--
[01/Jul/2026:13:42:43.132245 +0000] akUZU@78hS7eI671bASNHQAAAMk 102.110.8.12 49180 172.26.37.160 7081
--6527b64d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--6527b64d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6527b64d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZU@78hS7eI671bASNHQAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782913363129220 3087 (- - -)
Stopwatch2: 1782913363129220 3087; combined=1849, p1=316, p2=1372, p3=0, p4=0, p5=105, sr=79, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6527b64d-Z--
--b889e12e-A--
[01/Jul/2026:13:43:25.605990 +0000] akUZfVTTjV1b4WP-kpTtiAAAAJc 102.110.8.12 35294 172.26.37.160 7081
--b889e12e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--b889e12e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b889e12e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZfVTTjV1b4WP-kpTtiAAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782913405601304 8462 (- - -)
Stopwatch2: 1782913405601304 8462; combined=1938, p1=308, p2=1404, p3=0, p4=0, p5=149, sr=68, sw=77, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b889e12e-Z--
--c4be694f-A--
[01/Jul/2026:13:43:44.747978 +0000] akUZkO78hS7eI671bASNKwAAANE 104.22.24.210 57418 172.26.37.160 7081
--c4be694f-B--
GET /products/1117327454454?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.22.24.210
X-Forwarded-For: 2a03:2880:f806:50::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a145d767dbfccc22-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:50::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--c4be694f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c4be694f-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/products/1117327454454"] [unique_id "akUZkO78hS7eI671bASNKwAAANE"]
Action: Intercepted (phase 1)
Stopwatch: 1782913424745550 2522 (- - -)
Stopwatch2: 1782913424745550 2522; combined=240, p1=189, p2=0, p3=0, p4=0, p5=50, sr=76, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c4be694f-Z--
--80ceea65-A--
[01/Jul/2026:13:43:45.723501 +0000] akUZke78hS7eI671bASNLAAAANc 2.50.175.79 57444 172.26.37.160 7081
--80ceea65-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--80ceea65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--80ceea65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZke78hS7eI671bASNLAAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782913425718767 9430 (- - -)
Stopwatch2: 1782913425718767 9430; combined=2473, p1=345, p2=1945, p3=0, p4=0, p5=122, sr=63, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--80ceea65-Z--
--89fc746c-A--
[01/Jul/2026:13:44:17.571179 +0000] akUZsVOMiB2S1IlzKusf@QAAAAQ 2.50.175.79 46046 172.26.37.160 7081
--89fc746c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--89fc746c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--89fc746c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZsVOMiB2S1IlzKusf@QAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782913457565027 10419 (- - -)
Stopwatch2: 1782913457565027 10419; combined=4093, p1=353, p2=3067, p3=0, p4=0, p5=601, sr=74, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--89fc746c-Z--
--88ac8807-A--
[01/Jul/2026:13:44:21.936647 +0000] akUZtVTTjV1b4WP-kpTtrgAAAI8 172.70.175.146 46194 172.26.37.160 7081
--88ac8807-B--
GET /products/3571780295153?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.70.175.146
X-Forwarded-For: 2a03:2880:f800:e::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a145d84d189a82c8-IAD
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f800:e::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--88ac8807-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--88ac8807-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/products/3571780295153"] [unique_id "akUZtVTTjV1b4WP-kpTtrgAAAI8"]
Action: Intercepted (phase 1)
Stopwatch: 1782913461934019 2721 (- - -)
Stopwatch2: 1782913461934019 2721; combined=244, p1=187, p2=0, p3=0, p4=0, p5=56, sr=63, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--88ac8807-Z--
--86536e72-A--
[01/Jul/2026:13:44:39.768199 +0000] akUZx1OMiB2S1IlzKusgBwAAABA 102.110.8.12 38706 172.26.37.160 7081
--86536e72-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--86536e72-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--86536e72-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZx1OMiB2S1IlzKusgBwAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782913479765360 3608 (- - -)
Stopwatch2: 1782913479765360 3608; combined=1522, p1=318, p2=1016, p3=0, p4=0, p5=124, sr=77, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--86536e72-Z--
--75c1a963-A--
[01/Jul/2026:13:45:00.042297 +0000] akUZ3FOMiB2S1IlzKusgDAAAAAk 2.50.175.79 55716 172.26.37.160 7081
--75c1a963-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--75c1a963-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--75c1a963-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZ3FOMiB2S1IlzKusgDAAAAAk"]
Action: Intercepted (phase 2)
Stopwatch: 1782913500039200 3154 (- - -)
Stopwatch2: 1782913500039200 3154; combined=1957, p1=344, p2=1425, p3=0, p4=0, p5=124, sr=78, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--75c1a963-Z--
--2deeb978-A--
[01/Jul/2026:13:45:11.683706 +0000] akUZ51OMiB2S1IlzKusgEgAAAAs 102.110.8.12 38634 172.26.37.160 7081
--2deeb978-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--2deeb978-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2deeb978-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUZ51OMiB2S1IlzKusgEgAAAAs"]
Action: Intercepted (phase 2)
Stopwatch: 1782913511679891 3872 (- - -)
Stopwatch2: 1782913511679891 3872; combined=2540, p1=324, p2=2019, p3=0, p4=0, p5=125, sr=82, sw=72, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2deeb978-Z--
--31f4bf4f-A--
[01/Jul/2026:13:45:43.556336 +0000] akUaB1TTjV1b4WP-kpTtywAAAJM 102.110.8.12 33148 172.26.37.160 7081
--31f4bf4f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--31f4bf4f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--31f4bf4f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaB1TTjV1b4WP-kpTtywAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782913543552434 8362 (- - -)
Stopwatch2: 1782913543552434 8362; combined=1336, p1=304, p2=847, p3=0, p4=0, p5=122, sr=70, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--31f4bf4f-Z--
--9908250b-A--
[01/Jul/2026:13:45:56.465210 +0000] akUaFFTTjV1b4WP-kpTt2AAAAI4 197.211.52.176 54154 172.26.37.160 7081
--9908250b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9908250b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9908250b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaFFTTjV1b4WP-kpTt2AAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782913556462674 2597 (- - -)
Stopwatch2: 1782913556462674 2597; combined=1524, p1=390, p2=963, p3=0, p4=0, p5=112, sr=84, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9908250b-Z--
--8e2df27c-A--
[01/Jul/2026:13:46:24.719733 +0000] akUaMFTTjV1b4WP-kpTt@gAAAIY 2.50.175.79 36238 172.26.37.160 7081
--8e2df27c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--8e2df27c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8e2df27c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaMFTTjV1b4WP-kpTt@gAAAIY"]
Action: Intercepted (phase 2)
Stopwatch: 1782913584716858 2937 (- - -)
Stopwatch2: 1782913584716858 2937; combined=1487, p1=315, p2=1007, p3=0, p4=0, p5=108, sr=78, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8e2df27c-Z--
--f41ca63f-A--
[01/Jul/2026:13:46:56.564618 +0000] akUaUFOMiB2S1IlzKusgcgAAABg 2.50.175.79 41194 172.26.37.160 7081
--f41ca63f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--f41ca63f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f41ca63f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaUFOMiB2S1IlzKusgcgAAABg"]
Action: Intercepted (phase 2)
Stopwatch: 1782913616561034 3641 (- - -)
Stopwatch2: 1782913616561034 3641; combined=2461, p1=315, p2=1945, p3=0, p4=0, p5=131, sr=74, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f41ca63f-Z--
--051a1b13-A--
[01/Jul/2026:13:46:57.617955 +0000] akUaUVOMiB2S1IlzKusgdAAAAAw 102.110.8.12 41204 172.26.37.160 7081
--051a1b13-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--051a1b13-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--051a1b13-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaUVOMiB2S1IlzKusgdAAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782913617612919 9059 (- - -)
Stopwatch2: 1782913617612919 9059; combined=2486, p1=335, p2=1952, p3=0, p4=0, p5=133, sr=71, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--051a1b13-Z--
--1a4c3324-A--
[01/Jul/2026:13:47:00.502576 +0000] akUaVFOMiB2S1IlzKusgdgAAABc 197.211.52.176 41222 172.26.37.160 7081
--1a4c3324-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1a4c3324-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1a4c3324-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaVFOMiB2S1IlzKusgdgAAABc"]
Action: Intercepted (phase 2)
Stopwatch: 1782913620497827 5238 (- - -)
Stopwatch2: 1782913620497827 5238; combined=1954, p1=382, p2=1385, p3=0, p4=0, p5=125, sr=83, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a4c3324-Z--
--d244f501-A--
[01/Jul/2026:13:47:08.306173 +0000] akUaXFOMiB2S1IlzKusgegAAAAg 102.110.8.12 57526 172.26.37.160 7081
--d244f501-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--d244f501-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d244f501-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaXFOMiB2S1IlzKusgegAAAAg"]
Action: Intercepted (phase 2)
Stopwatch: 1782913628303205 3028 (- - -)
Stopwatch2: 1782913628303205 3028; combined=1541, p1=353, p2=1013, p3=0, p4=0, p5=114, sr=84, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d244f501-Z--
--087ee864-A--
[01/Jul/2026:13:47:21.907735 +0000] akUaaVOMiB2S1IlzKusggAAAABY 197.211.52.176 35610 172.26.37.160 7081
--087ee864-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--087ee864-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--087ee864-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaaVOMiB2S1IlzKusggAAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782913641904788 3003 (- - -)
Stopwatch2: 1782913641904788 3003; combined=2436, p1=344, p2=973, p3=0, p4=0, p5=598, sr=72, sw=521, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--087ee864-Z--
--57e1dc27-A--
[01/Jul/2026:13:47:38.889599 +0000] akUaelOMiB2S1IlzKusgrAAAABM 2.50.175.79 40144 172.26.37.160 7081
--57e1dc27-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--57e1dc27-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--57e1dc27-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaelOMiB2S1IlzKusgrAAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782913658886554 3106 (- - -)
Stopwatch2: 1782913658886554 3106; combined=2019, p1=854, p2=995, p3=0, p4=0, p5=113, sr=76, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--57e1dc27-Z--
--b85a7857-A--
[01/Jul/2026:13:48:03.635889 +0000] akUak1OMiB2S1IlzKusgxAAAAAY 197.211.52.176 37928 172.26.37.160 7081
--b85a7857-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b85a7857-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b85a7857-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUak1OMiB2S1IlzKusgxAAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782913683632375 3574 (- - -)
Stopwatch2: 1782913683632375 3574; combined=2470, p1=1272, p2=1026, p3=0, p4=0, p5=112, sr=85, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b85a7857-Z--
--aab1c250-A--
[01/Jul/2026:13:48:10.572703 +0000] akUamlOMiB2S1IlzKusgywAAAAU 2.50.175.79 39414 172.26.37.160 7081
--aab1c250-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--aab1c250-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--aab1c250-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUamlOMiB2S1IlzKusgywAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782913690569372 3707 (- - -)
Stopwatch2: 1782913690569372 3707; combined=1497, p1=307, p2=1013, p3=0, p4=0, p5=116, sr=72, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aab1c250-Z--
--2e461e40-A--
[01/Jul/2026:13:48:12.050035 +0000] akUanFOMiB2S1IlzKusgzQAAABE 102.110.8.12 39460 172.26.37.160 7081
--2e461e40-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--2e461e40-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2e461e40-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUanFOMiB2S1IlzKusgzQAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782913692045181 5253 (- - -)
Stopwatch2: 1782913692045181 5253; combined=3440, p1=350, p2=2885, p3=0, p4=0, p5=135, sr=76, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2e461e40-Z--
--f149c148-A--
[01/Jul/2026:13:48:22.594139 +0000] akUaplOMiB2S1IlzKusg1QAAABM 102.110.8.12 42696 172.26.37.160 7081
--f149c148-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--f149c148-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f149c148-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaplOMiB2S1IlzKusg1QAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782913702589763 5529 (- - -)
Stopwatch2: 1782913702589763 5529; combined=1971, p1=761, p2=1019, p3=0, p4=0, p5=128, sr=73, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f149c148-Z--
--ccbbad4b-A--
[01/Jul/2026:13:48:30.222521 +0000] akUarlTTjV1b4WP-kpTuRwAAAJM 104.23.197.87 44958 172.26.37.160 7081
--ccbbad4b-B--
GET /sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fhttpdocs%2F.htaccess&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fhttpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145de60182e3cd0-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ccbbad4b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ccbbad4b-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/sitemap.xml"] [unique_id "akUarlTTjV1b4WP-kpTuRwAAAJM"]
Action: Intercepted (phase 1)
Stopwatch: 1782913710221797 798 (- - -)
Stopwatch2: 1782913710221797 798; combined=258, p1=203, p2=0, p3=0, p4=0, p5=55, sr=87, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ccbbad4b-Z--
--5ef6d871-A--
[01/Jul/2026:13:48:52.178105 +0000] akUaxFTTjV1b4WP-kpTuVQAAAI4 197.211.52.176 42184 172.26.37.160 7081
--5ef6d871-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5ef6d871-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5ef6d871-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaxFTTjV1b4WP-kpTuVQAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782913732175385 2777 (- - -)
Stopwatch2: 1782913732175385 2777; combined=1642, p1=346, p2=1117, p3=0, p4=0, p5=118, sr=75, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5ef6d871-Z--
--b35c6d68-A--
[01/Jul/2026:13:48:52.967733 +0000] akUaxO78hS7eI671bASN4wAAANg 2.50.175.79 42206 172.26.37.160 7081
--b35c6d68-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b35c6d68-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b35c6d68-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUaxO78hS7eI671bASN4wAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782913732964595 3199 (- - -)
Stopwatch2: 1782913732964595 3199; combined=2029, p1=768, p2=1074, p3=0, p4=0, p5=120, sr=70, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b35c6d68-Z--
--202bfd4e-A--
[01/Jul/2026:13:49:15.879775 +0000] akUa21OMiB2S1IlzKushBQAAAAY 102.110.8.12 34332 172.26.37.160 7081
--202bfd4e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--202bfd4e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--202bfd4e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUa21OMiB2S1IlzKushBQAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782913755875959 3873 (- - -)
Stopwatch2: 1782913755875959 3873; combined=1928, p1=342, p2=1395, p3=0, p4=0, p5=132, sr=80, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--202bfd4e-Z--
--bd8a4459-A--
[01/Jul/2026:13:49:26.396310 +0000] akUa5lTTjV1b4WP-kpTudQAAAIA 102.110.8.12 59186 172.26.37.160 7081
--bd8a4459-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--bd8a4459-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bd8a4459-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUa5lTTjV1b4WP-kpTudQAAAIA"]
Action: Intercepted (phase 2)
Stopwatch: 1782913766393298 3098 (- - -)
Stopwatch2: 1782913766393298 3098; combined=1613, p1=352, p2=1024, p3=0, p4=0, p5=160, sr=84, sw=77, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bd8a4459-Z--
--632e9929-A--
[01/Jul/2026:13:49:29.380710 +0000] akUa6VTTjV1b4WP-kpTudgAAAJQ 197.211.52.176 59204 172.26.37.160 7081
--632e9929-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--632e9929-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--632e9929-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUa6VTTjV1b4WP-kpTudgAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782913769377066 3722 (- - -)
Stopwatch2: 1782913769377066 3722; combined=2871, p1=351, p2=1474, p3=0, p4=0, p5=566, sr=80, sw=480, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--632e9929-Z--
--c810f825-A--
[01/Jul/2026:13:50:07.290837 +0000] akUbD1TTjV1b4WP-kpTufgAAAJc 2.50.175.79 51458 172.26.37.160 7081
--c810f825-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c810f825-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c810f825-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbD1TTjV1b4WP-kpTufgAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782913807288080 3707 (- - -)
Stopwatch2: 1782913807288080 3707; combined=1580, p1=365, p2=1015, p3=0, p4=0, p5=134, sr=76, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c810f825-Z--
--966faf78-A--
[01/Jul/2026:13:50:20.084846 +0000] akUbG1OMiB2S1IlzKushIAAAAAY 102.110.8.12 50928 172.26.37.160 7081
--966faf78-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--966faf78-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--966faf78-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbG1OMiB2S1IlzKushIAAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782913819412547 673453 (- - -)
Stopwatch2: 1782913819412547 673453; combined=1335613, p1=1099, p2=2270, p3=0, p4=0, p5=666175, sr=137, sw=666069, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--966faf78-Z--
--60f69d15-A--
[01/Jul/2026:13:51:00.214436 +0000] akUbRFTTjV1b4WP-kpTujQAAAIE 2.50.175.79 45030 172.26.37.160 7081
--60f69d15-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--60f69d15-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--60f69d15-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbRFTTjV1b4WP-kpTujQAAAIE"]
Action: Intercepted (phase 2)
Stopwatch: 1782913860209232 7085 (- - -)
Stopwatch2: 1782913860209232 7085; combined=2634, p1=914, p2=1457, p3=0, p4=0, p5=172, sr=97, sw=91, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--60f69d15-Z--
--29428641-A--
[01/Jul/2026:13:51:10.804615 +0000] akUbTlTTjV1b4WP-kpTukwAAAIo 2.50.175.79 40502 172.26.37.160 7081
--29428641-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--29428641-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--29428641-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbTlTTjV1b4WP-kpTukwAAAIo"]
Action: Intercepted (phase 2)
Stopwatch: 1782913870801511 3167 (- - -)
Stopwatch2: 1782913870801511 3167; combined=1564, p1=348, p2=1021, p3=0, p4=0, p5=128, sr=77, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--29428641-Z--
--26c69d49-A--
[01/Jul/2026:13:51:23.211091 +0000] akUbW1OMiB2S1IlzKushOQAAAAI 102.110.8.12 43948 172.26.37.160 7081
--26c69d49-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--26c69d49-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--26c69d49-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbW1OMiB2S1IlzKushOQAAAAI"]
Action: Intercepted (phase 2)
Stopwatch: 1782913883207787 3395 (- - -)
Stopwatch2: 1782913883207787 3395; combined=1914, p1=347, p2=1389, p3=0, p4=0, p5=118, sr=84, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--26c69d49-Z--
--4e252273-A--
[01/Jul/2026:13:51:29.420576 +0000] akUbYe78hS7eI671bASOGAAAAMA 197.211.52.176 32870 172.26.37.160 7081
--4e252273-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--4e252273-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4e252273-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbYe78hS7eI671bASOGAAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782913889417311 3498 (- - -)
Stopwatch2: 1782913889417311 3498; combined=1508, p1=320, p2=998, p3=0, p4=0, p5=124, sr=75, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4e252273-Z--
--5fc9ac51-A--
[01/Jul/2026:13:51:33.447845 +0000] akUbZVTTjV1b4WP-kpTumwAAAIc 91.186.252.201 32900 172.26.37.160 7081
--5fc9ac51-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5fc9ac51-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5fc9ac51-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbZVTTjV1b4WP-kpTumwAAAIc"]
Action: Intercepted (phase 2)
Stopwatch: 1782913893443017 4911 (- - -)
Stopwatch2: 1782913893443017 4911; combined=2546, p1=336, p2=2018, p3=0, p4=0, p5=128, sr=84, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5fc9ac51-Z--
--a9d5c667-A--
[01/Jul/2026:13:51:57.519017 +0000] akUbfVTTjV1b4WP-kpTupAAAAJE 197.211.52.176 54210 172.26.37.160 7081
--a9d5c667-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a9d5c667-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a9d5c667-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbfVTTjV1b4WP-kpTupAAAAJE"]
Action: Intercepted (phase 2)
Stopwatch: 1782913917516498 2578 (- - -)
Stopwatch2: 1782913917516498 2578; combined=1493, p1=359, p2=967, p3=0, p4=0, p5=109, sr=74, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a9d5c667-Z--
--878f563f-A--
[01/Jul/2026:13:52:05.161362 +0000] akUbhVOMiB2S1IlzKushRgAAAAI 91.186.252.201 43542 172.26.37.160 7081
--878f563f-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--878f563f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--878f563f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbhVOMiB2S1IlzKushRgAAAAI"]
Action: Intercepted (phase 2)
Stopwatch: 1782913925157918 3538 (- - -)
Stopwatch2: 1782913925157918 3538; combined=1536, p1=310, p2=1054, p3=0, p4=0, p5=114, sr=76, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--878f563f-Z--
--b174c53b-A--
[01/Jul/2026:13:52:16.413539 +0000] akUbkFOMiB2S1IlzKushTAAAABI 102.110.8.12 42918 172.26.37.160 7081
--b174c53b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--b174c53b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b174c53b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbkFOMiB2S1IlzKushTAAAABI"]
Action: Intercepted (phase 2)
Stopwatch: 1782913936410753 2848 (- - -)
Stopwatch2: 1782913936410753 2848; combined=1505, p1=348, p2=978, p3=0, p4=0, p5=120, sr=79, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b174c53b-Z--
--694d8a5f-A--
[01/Jul/2026:13:52:24.828112 +0000] akUbmFTTjV1b4WP-kpTurwAAAI8 2.50.175.79 40022 172.26.37.160 7081
--694d8a5f-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--694d8a5f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--694d8a5f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbmFTTjV1b4WP-kpTurwAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782913944825010 3691 (- - -)
Stopwatch2: 1782913944825010 3691; combined=1945, p1=795, p2=965, p3=0, p4=0, p5=120, sr=72, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--694d8a5f-Z--
--76a70b45-A--
[01/Jul/2026:13:52:56.671605 +0000] akUbuO78hS7eI671bASOLQAAAM4 2.50.175.79 34338 172.26.37.160 7081
--76a70b45-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--76a70b45-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--76a70b45-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbuO78hS7eI671bASOLQAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782913976666922 7956 (- - -)
Stopwatch2: 1782913976666922 7956; combined=2431, p1=350, p2=1877, p3=0, p4=0, p5=138, sr=72, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--76a70b45-Z--
--2160fc7e-A--
[01/Jul/2026:13:53:03.819764 +0000] akUbv1TTjV1b4WP-kpTuwAAAAIE 197.211.52.176 34416 172.26.37.160 7081
--2160fc7e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--2160fc7e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2160fc7e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbv1TTjV1b4WP-kpTuwAAAAIE"]
Action: Intercepted (phase 2)
Stopwatch: 1782913983816334 3487 (- - -)
Stopwatch2: 1782913983816334 3487; combined=1718, p1=347, p2=1179, p3=0, p4=0, p5=127, sr=78, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2160fc7e-Z--
--a6b89f0b-A--
[01/Jul/2026:13:53:15.316312 +0000] akUby1OMiB2S1IlzKushcAAAAAI 104.22.1.201 60842 172.26.37.160 7081
--a6b89f0b-B--
GET /products/2164088837095?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.22.1.201
X-Forwarded-For: 2a03:2880:f806:20::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a145e553492eb31d-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:20::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--a6b89f0b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a6b89f0b-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/products/2164088837095"] [unique_id "akUby1OMiB2S1IlzKushcAAAAAI"]
Action: Intercepted (phase 1)
Stopwatch: 1782913995315633 748 (- - -)
Stopwatch2: 1782913995315633 748; combined=221, p1=167, p2=0, p3=0, p4=0, p5=54, sr=56, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a6b89f0b-Z--
--6a292842-A--
[01/Jul/2026:13:53:19.212405 +0000] akUbz@78hS7eI671bASOOgAAANI 91.186.252.201 60924 172.26.37.160 7081
--6a292842-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--6a292842-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6a292842-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUbz@78hS7eI671bASOOgAAANI"]
Action: Intercepted (phase 2)
Stopwatch: 1782913999208647 3831 (- - -)
Stopwatch2: 1782913999208647 3831; combined=2009, p1=361, p2=1488, p3=0, p4=0, p5=105, sr=95, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6a292842-Z--
--758c145d-A--
[01/Jul/2026:13:53:30.467239 +0000] akUb2lOMiB2S1IlzKusheQAAAAM 102.110.8.12 44922 172.26.37.160 7081
--758c145d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--758c145d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--758c145d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUb2lOMiB2S1IlzKusheQAAAAM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914010464487 2814 (- - -)
Stopwatch2: 1782914010464487 2814; combined=1501, p1=386, p2=949, p3=0, p4=0, p5=108, sr=86, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--758c145d-Z--
--cd52f77d-A--
[01/Jul/2026:13:53:49.706407 +0000] akUb7VTTjV1b4WP-kpTu2AAAAI8 2.50.175.79 34780 172.26.37.160 7081
--cd52f77d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--cd52f77d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cd52f77d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUb7VTTjV1b4WP-kpTu2AAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782914029703291 3172 (- - -)
Stopwatch2: 1782914029703291 3172; combined=1718, p1=304, p2=1233, p3=0, p4=0, p5=119, sr=71, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cd52f77d-Z--
--501cba0d-A--
[01/Jul/2026:13:54:01.577197 +0000] akUb@e78hS7eI671bASOSwAAAMw 91.186.252.201 37664 172.26.37.160 7081
--501cba0d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--501cba0d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--501cba0d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUb@e78hS7eI671bASOSwAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782914041572860 4401 (- - -)
Stopwatch2: 1782914041572860 4401; combined=1620, p1=365, p2=1029, p3=0, p4=0, p5=151, sr=72, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--501cba0d-Z--
--dc619928-A--
[01/Jul/2026:13:54:35.455663 +0000] akUcG1OMiB2S1IlzKushogAAAAI 197.211.52.176 33800 172.26.37.160 7081
--dc619928-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--dc619928-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dc619928-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcG1OMiB2S1IlzKushogAAAAI"]
Action: Intercepted (phase 2)
Stopwatch: 1782914075452880 2874 (- - -)
Stopwatch2: 1782914075452880 2874; combined=1568, p1=339, p2=1064, p3=0, p4=0, p5=107, sr=79, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dc619928-Z--
--05a1cb18-A--
[01/Jul/2026:13:54:44.605729 +0000] akUcJFOMiB2S1IlzKushqgAAAAc 102.110.8.12 35472 172.26.37.160 7081
--05a1cb18-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: WordPress.com; https://wordpress.com
--05a1cb18-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--05a1cb18-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcJFOMiB2S1IlzKushqgAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782914084601666 4125 (- - -)
Stopwatch2: 1782914084601666 4125; combined=2745, p1=347, p2=2061, p3=0, p4=0, p5=273, sr=73, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--05a1cb18-Z--
--bfeca765-A--
[01/Jul/2026:13:55:05.577701 +0000] akUcOO78hS7eI671bASOXgAAANc 91.186.252.201 40964 172.26.37.160 7081
--bfeca765-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--bfeca765-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bfeca765-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcOO78hS7eI671bASOXgAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782914104908000 669763 (- - -)
Stopwatch2: 1782914104908000 669763; combined=1331808, p1=743, p2=1156, p3=0, p4=0, p5=664991, sr=69, sw=664918, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bfeca765-Z--
--61be0642-A--
[01/Jul/2026:13:55:16.399131 +0000] akUcRFTTjV1b4WP-kpTvAQAAAI4 102.110.8.12 43958 172.26.37.160 7081
--61be0642-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--61be0642-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--61be0642-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcRFTTjV1b4WP-kpTvAQAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1782914116395462 3748 (- - -)
Stopwatch2: 1782914116395462 3748; combined=1880, p1=359, p2=1330, p3=0, p4=0, p5=125, sr=90, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--61be0642-Z--
--04020966-A--
[01/Jul/2026:13:55:16.707897 +0000] akUcRO78hS7eI671bASOYgAAAMs 197.211.52.176 43964 172.26.37.160 7081
--04020966-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--04020966-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--04020966-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcRO78hS7eI671bASOYgAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782914116705278 2683 (- - -)
Stopwatch2: 1782914116705278 2683; combined=1675, p1=532, p2=978, p3=0, p4=0, p5=108, sr=78, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--04020966-Z--
--96a42c5e-A--
[01/Jul/2026:13:55:26.027057 +0000] akUcTlTTjV1b4WP-kpTvBgAAAJc 91.186.252.201 41742 172.26.37.160 7081
--96a42c5e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--96a42c5e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--96a42c5e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcTlTTjV1b4WP-kpTvBgAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782914126023936 3179 (- - -)
Stopwatch2: 1782914126023936 3179; combined=1505, p1=341, p2=977, p3=0, p4=0, p5=124, sr=87, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--96a42c5e-Z--
--5db0b05c-A--
[01/Jul/2026:13:55:40.918612 +0000] akUcXFTTjV1b4WP-kpTvEQAAAIU 197.211.52.176 39216 172.26.37.160 7081
--5db0b05c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5db0b05c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5db0b05c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcXFTTjV1b4WP-kpTvEQAAAIU"]
Action: Intercepted (phase 2)
Stopwatch: 1782914140914200 4482 (- - -)
Stopwatch2: 1782914140914200 4482; combined=1584, p1=311, p2=1064, p3=0, p4=0, p5=141, sr=74, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5db0b05c-Z--
--22e0c742-A--
[01/Jul/2026:13:56:07.301867 +0000] akUcd1OMiB2S1IlzKush4AAAAA0 2.50.175.79 33478 172.26.37.160 7081
--22e0c742-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--22e0c742-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--22e0c742-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcd1OMiB2S1IlzKush4AAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782914167298710 3218 (- - -)
Stopwatch2: 1782914167298710 3218; combined=2126, p1=951, p2=1004, p3=0, p4=0, p5=111, sr=73, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--22e0c742-Z--
--0f6b230a-A--
[01/Jul/2026:13:56:17.932240 +0000] akUcgVOMiB2S1IlzKush8QAAABE 2.50.175.79 46754 172.26.37.160 7081
--0f6b230a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0f6b230a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0f6b230a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcgVOMiB2S1IlzKush8QAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782914177928237 6005 (- - -)
Stopwatch2: 1782914177928237 6005; combined=2028, p1=337, p2=1513, p3=0, p4=0, p5=117, sr=69, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0f6b230a-Z--
--2b46c67a-A--
[01/Jul/2026:13:56:24.529361 +0000] akUciFOMiB2S1IlzKush9QAAAAw 197.211.52.176 33636 172.26.37.160 7081
--2b46c67a-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2b46c67a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2b46c67a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUciFOMiB2S1IlzKush9QAAAAw"]
Action: Intercepted (phase 2)
Stopwatch: 1782914184524489 5070 (- - -)
Stopwatch2: 1782914184524489 5070; combined=1671, p1=414, p2=1020, p3=0, p4=0, p5=153, sr=78, sw=84, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2b46c67a-Z--
--5089c97e-A--
[01/Jul/2026:13:56:29.701108 +0000] akUcjVTTjV1b4WP-kpTvPgAAAIA 91.186.252.201 33818 172.26.37.160 7081
--5089c97e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5089c97e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5089c97e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcjVTTjV1b4WP-kpTvPgAAAIA"]
Action: Intercepted (phase 2)
Stopwatch: 1782914189697625 3539 (- - -)
Stopwatch2: 1782914189697625 3539; combined=2391, p1=325, p2=1892, p3=0, p4=0, p5=115, sr=73, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5089c97e-Z--
--75a26b13-A--
[01/Jul/2026:13:56:30.773969 +0000] akUcju78hS7eI671bASOiwAAAMs 102.110.8.12 33874 172.26.37.160 7081
--75a26b13-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 102.110.8.12
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US,en;q=0.8,fr-FR;q=0.6,fr-BE;q=0.4,fr;q=0.2
User-Agent: Jetpack by WordPress.com
--75a26b13-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--75a26b13-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.110.8.12 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcju78hS7eI671bASOiwAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782914190764965 10162 (- - -)
Stopwatch2: 1782914190764965 10162; combined=5869, p1=431, p2=5227, p3=0, p4=0, p5=142, sr=93, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--75a26b13-Z--
--be655f3b-A--
[01/Jul/2026:13:57:21.552242 +0000] akUcwVTTjV1b4WP-kpTvfwAAAJQ 2.50.175.79 48272 172.26.37.160 7081
--be655f3b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--be655f3b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--be655f3b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUcwVTTjV1b4WP-kpTvfwAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782914241549088 3214 (- - -)
Stopwatch2: 1782914241549088 3214; combined=1706, p1=337, p2=1194, p3=0, p4=0, p5=114, sr=79, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--be655f3b-Z--
--bff0af13-A--
[01/Jul/2026:13:57:33.270806 +0000] akUczVOMiB2S1IlzKusiPAAAABY 91.186.252.201 38926 172.26.37.160 7081
--bff0af13-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--bff0af13-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bff0af13-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUczVOMiB2S1IlzKusiPAAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782914253268198 2664 (- - -)
Stopwatch2: 1782914253268198 2664; combined=1465, p1=316, p2=984, p3=0, p4=0, p5=110, sr=79, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bff0af13-Z--
--2940fc54-A--
[01/Jul/2026:13:57:47.067301 +0000] akUc21TTjV1b4WP-kpTviwAAAIc 197.211.52.176 49610 172.26.37.160 7081
--2940fc54-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 700
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--2940fc54-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2940fc54-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUc21TTjV1b4WP-kpTviwAAAIc"]
Action: Intercepted (phase 2)
Stopwatch: 1782914267063839 3519 (- - -)
Stopwatch2: 1782914267063839 3519; combined=2342, p1=335, p2=1790, p3=0, p4=0, p5=151, sr=75, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2940fc54-Z--
--93e4495d-A--
[01/Jul/2026:13:58:25.253260 +0000] akUdAVOMiB2S1IlzKusiVgAAABY 2.50.175.79 43134 172.26.37.160 7081
--93e4495d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--93e4495d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--93e4495d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdAVOMiB2S1IlzKusiVgAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782914305250207 3121 (- - -)
Stopwatch2: 1782914305250207 3121; combined=1475, p1=304, p2=949, p3=0, p4=0, p5=147, sr=73, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--93e4495d-Z--
--5550d741-A--
[01/Jul/2026:13:58:29.877661 +0000] akUdBVOMiB2S1IlzKusiWQAAAAU 197.211.52.176 43182 172.26.37.160 7081
--5550d741-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 197.211.52.176
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--5550d741-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5550d741-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.211.52.176 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdBVOMiB2S1IlzKusiWQAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782914309875241 2484 (- - -)
Stopwatch2: 1782914309875241 2484; combined=1448, p1=306, p2=976, p3=0, p4=0, p5=109, sr=73, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5550d741-Z--
--865f9256-A--
[01/Jul/2026:13:58:46.623206 +0000] akUdFu78hS7eI671bASOvgAAAMs 2.50.175.79 50682 172.26.37.160 7081
--865f9256-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--865f9256-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--865f9256-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdFu78hS7eI671bASOvgAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782914326619359 3942 (- - -)
Stopwatch2: 1782914326619359 3942; combined=1921, p1=463, p2=1224, p3=0, p4=0, p5=154, sr=92, sw=80, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--865f9256-Z--
--f1e1bd63-A--
[01/Jul/2026:13:59:14.549610 +0000] akUdMu78hS7eI671bASOxgAAAMM 104.23.197.86 49330 172.26.37.160 7081
--f1e1bd63-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Finit.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.86
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee1b28efefe9-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f1e1bd63-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f1e1bd63-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Finit.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Finit.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdMu78hS7eI671bASOxgAAAMM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914354547613 2071 (- - -)
Stopwatch2: 1782914354547613 2071; combined=410, p1=280, p2=80, p3=0, p4=0, p5=49, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f1e1bd63-Z--
--b5a0c77e-A--
[01/Jul/2026:13:59:19.097193 +0000] akUdN@78hS7eI671bASO1QAAAM8 91.186.252.201 49528 172.26.37.160 7081
--b5a0c77e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b5a0c77e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b5a0c77e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdN@78hS7eI671bASO1QAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782914359090521 6732 (- - -)
Stopwatch2: 1782914359090521 6732; combined=2548, p1=463, p2=1841, p3=0, p4=0, p5=161, sr=113, sw=83, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b5a0c77e-Z--
--4cf2f02b-A--
[01/Jul/2026:13:59:21.213909 +0000] akUdOVTTjV1b4WP-kpTvuAAAAIM 104.23.197.86 49654 172.26.37.160 7081
--4cf2f02b-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fdefault HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.86
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee44d991efe9-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4cf2f02b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4cf2f02b-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdefault"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdefault"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdOVTTjV1b4WP-kpTvuAAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914361211072 2911 (- - -)
Stopwatch2: 1782914361211072 2911; combined=513, p1=384, p2=77, p3=0, p4=0, p5=51, sr=89, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4cf2f02b-Z--
--e9090216-A--
[01/Jul/2026:13:59:23.887636 +0000] akUdO@78hS7eI671bASO3wAAAMM 104.23.197.86 49866 172.26.37.160 7081
--e9090216-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fmodules-load.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.86
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee5589a2efe9-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e9090216-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e9090216-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fmodules-load.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fmodules-load.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdO@78hS7eI671bASO3wAAAMM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914363885622 2088 (- - -)
Stopwatch2: 1782914363885622 2088; combined=411, p1=284, p2=67, p3=0, p4=0, p5=59, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e9090216-Z--
--6887d45a-A--
[01/Jul/2026:13:59:24.091555 +0000] akUdPFOMiB2S1IlzKusifgAAAAQ 104.23.197.86 49892 172.26.37.160 7081
--6887d45a-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fcloud HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.86
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee56cc6befe9-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6887d45a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6887d45a-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcloud"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcloud"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdPFOMiB2S1IlzKusifgAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782914364087970 5745 (- - -)
Stopwatch2: 1782914364087970 5745; combined=886, p1=738, p2=75, p3=0, p4=0, p5=72, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6887d45a-Z--
--9b887e13-A--
[01/Jul/2026:13:59:24.768106 +0000] akUdPO78hS7eI671bASO4gAAAM4 104.23.197.86 47374 172.26.37.160 7081
--9b887e13-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fconsole-setup HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.86
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee5b0cb2efe9-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9b887e13-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9b887e13-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fconsole-setup"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fconsole-setup"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdPO78hS7eI671bASO4gAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782914364765624 2573 (- - -)
Stopwatch2: 1782914364765624 2573; combined=415, p1=299, p2=67, p3=0, p4=0, p5=48, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9b887e13-Z--
--2f15a14c-A--
[01/Jul/2026:13:59:24.860275 +0000] akUdPO78hS7eI671bASO4wAAAM0 104.23.197.86 47384 172.26.37.160 7081
--2f15a14c-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fsysctl.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.86
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee5b9dc4efe9-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--2f15a14c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2f15a14c-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsysctl.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsysctl.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdPO78hS7eI671bASO4wAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782914364857112 4086 (- - -)
Stopwatch2: 1782914364857112 4086; combined=433, p1=310, p2=67, p3=0, p4=0, p5=56, sr=64, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2f15a14c-Z--
--0d094230-A--
[01/Jul/2026:13:59:29.224208 +0000] akUdQVTTjV1b4WP-kpTvwwAAAIY 2.50.175.79 47448 172.26.37.160 7081
--0d094230-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0d094230-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0d094230-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdQVTTjV1b4WP-kpTvwwAAAIY"]
Action: Intercepted (phase 2)
Stopwatch: 1782914369219264 5025 (- - -)
Stopwatch2: 1782914369219264 5025; combined=1627, p1=329, p2=1083, p3=0, p4=0, p5=152, sr=71, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0d094230-Z--
--257b9c05-A--
[01/Jul/2026:13:59:35.109866 +0000] akUdR@78hS7eI671bASO6gAAANU 162.159.115.20 47606 172.26.37.160 7081
--257b9c05-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fimunify-agent-proxy HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.20
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee98c8d7b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--257b9c05-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--257b9c05-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fimunify-agent-proxy"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fimunify-agent-proxy"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdR@78hS7eI671bASO6gAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782914375107668 2267 (- - -)
Stopwatch2: 1782914375107668 2267; combined=402, p1=280, p2=70, p3=0, p4=0, p5=51, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--257b9c05-Z--
--7b42c421-A--
[01/Jul/2026:13:59:35.199756 +0000] akUdR1OMiB2S1IlzKusihwAAAA4 162.159.115.19 47608 172.26.37.160 7081
--7b42c421-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Flogcheck HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee9959d8b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7b42c421-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7b42c421-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Flogcheck"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Flogcheck"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdR1OMiB2S1IlzKusihwAAAA4"]
Action: Intercepted (phase 2)
Stopwatch: 1782914375198091 1752 (- - -)
Stopwatch2: 1782914375198091 1752; combined=533, p1=405, p2=70, p3=0, p4=0, p5=57, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7b42c421-Z--
--37bd105f-A--
[01/Jul/2026:13:59:35.397920 +0000] akUdR@78hS7eI671bASO6wAAAMw 162.159.115.19 47630 172.26.37.160 7081
--37bd105f-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fssl HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee9d59b5b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--37bd105f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--37bd105f-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fssl"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fssl"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdR@78hS7eI671bASO6wAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782914375394986 3026 (- - -)
Stopwatch2: 1782914375394986 3026; combined=895, p1=773, p2=72, p3=0, p4=0, p5=49, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--37bd105f-Z--
--8ce88c3e-A--
[01/Jul/2026:13:59:35.473413 +0000] akUdR1OMiB2S1IlzKusiiQAAAA8 162.159.115.20 47646 172.26.37.160 7081
--8ce88c3e-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fcsf HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.20
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ee9deabab23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8ce88c3e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8ce88c3e-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcsf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcsf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdR1OMiB2S1IlzKusiiQAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782914375470896 4272 (- - -)
Stopwatch2: 1782914375470896 4272; combined=439, p1=305, p2=66, p3=0, p4=0, p5=67, sr=85, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8ce88c3e-Z--
--1b8c4511-A--
[01/Jul/2026:13:59:36.291403 +0000] akUdSO78hS7eI671bASO8QAAAMs 162.159.115.20 47710 172.26.37.160 7081
--1b8c4511-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fapt HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.20
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145eea30ce6b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1b8c4511-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1b8c4511-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fapt"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fapt"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdSO78hS7eI671bASO8QAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782914376289569 4218 (- - -)
Stopwatch2: 1782914376289569 4218; combined=403, p1=285, p2=68, p3=0, p4=0, p5=49, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1b8c4511-Z--
--b1937247-A--
[01/Jul/2026:13:59:36.654689 +0000] akUdSO78hS7eI671bASO8gAAAMc 162.159.115.20 47768 172.26.37.160 7081
--b1937247-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fopt HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.20
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145eea55936b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b1937247-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b1937247-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fopt"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fopt"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdSO78hS7eI671bASO8gAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782914376652877 1896 (- - -)
Stopwatch2: 1782914376652877 1896; combined=425, p1=300, p2=69, p3=0, p4=0, p5=55, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b1937247-Z--
--9df9c808-A--
[01/Jul/2026:13:59:39.612067 +0000] akUdS1OMiB2S1IlzKusikwAAABA 162.159.115.19 47990 172.26.37.160 7081
--9df9c808-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Ftmpfiles.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145eeb669d6b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9df9c808-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9df9c808-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Ftmpfiles.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Ftmpfiles.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdS1OMiB2S1IlzKusikwAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782914379401319 212442 (- - -)
Stopwatch2: 1782914379401319 212442; combined=46916, p1=46776, p2=65, p3=0, p4=0, p5=74, sr=46630, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9df9c808-Z--
--900b2c01-A--
[01/Jul/2026:13:59:40.672181 +0000] akUdTN-KBbYPZImIsXsNuAAAAEk 162.159.115.20 48724 172.26.37.160 7081
--900b2c01-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fvmware-tools HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.20
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145eebe6a02b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--900b2c01-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--900b2c01-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fvmware-tools"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fvmware-tools"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdTN-KBbYPZImIsXsNuAAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782914380669191 3060 (- - -)
Stopwatch2: 1782914380669191 3060; combined=1055, p1=916, p2=68, p3=0, p4=0, p5=70, sr=70, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--900b2c01-Z--
--a6fd7249-A--
[01/Jul/2026:13:59:42.175393 +0000] akUdTO78hS7eI671bASPGQAAAME 91.186.252.201 48674 172.26.37.160 7081
--a6fd7249-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a6fd7249-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a6fd7249-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdTO78hS7eI671bASPGQAAAME"]
Action: Intercepted (phase 2)
Stopwatch: 1782914380172649 2003643 (- - -)
Stopwatch2: 1782914380172649 2003643; combined=3988964, p1=342, p2=7441, p3=0, p4=0, p5=1990618, sr=90, sw=1990563, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a6fd7249-Z--
--6a1a1955-A--
[01/Jul/2026:13:59:42.300981 +0000] akUdTlARN0ItUDdAEIzx3AAAAQ4 162.159.115.19 49778 172.26.37.160 7081
--6a1a1955-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fpostfix HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145eec89e76b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6a1a1955-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6a1a1955-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fpostfix"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fpostfix"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdTlARN0ItUDdAEIzx3AAAAQ4"]
Action: Intercepted (phase 2)
Stopwatch: 1782914382298608 2441 (- - -)
Stopwatch2: 1782914382298608 2441; combined=839, p1=701, p2=71, p3=0, p4=0, p5=66, sr=62, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6a1a1955-Z--
--47cf7967-A--
[01/Jul/2026:13:59:42.399518 +0000] akUdTu78hS7eI671bASPNAAAAMI 162.159.115.19 49792 172.26.37.160 7081
--47cf7967-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2FPackageKit HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145eec92f87b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--47cf7967-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--47cf7967-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2FPackageKit"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2FPackageKit"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdTu78hS7eI671bASPNAAAAMI"]
Action: Intercepted (phase 2)
Stopwatch: 1782914382396737 3625 (- - -)
Stopwatch2: 1782914382396737 3625; combined=449, p1=294, p2=67, p3=0, p4=0, p5=75, sr=64, sw=13, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--47cf7967-Z--
--ae9af41b-A--
[01/Jul/2026:13:59:43.207651 +0000] akUdS1OMiB2S1IlzKusiqAAAAAo 57.141.14.79 48380 172.26.37.160 7081
--ae9af41b-B--
GET /wp-content/themes/woodmart/css/parts/wp-blocks.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 57.141.14.79
X-Accel-Internal: /internal-nginx-static-location
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.9;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/shop/page/22/?stock_status=instock&per_row=4&per_page=12&shop_view=grid
accept-encoding: gzip
cookie: shop_per_page=12; shop_view=grid; shop_per_row=4
--ae9af41b-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/css/parts/wp-blocks.min.css
Content-Length: 0
Content-Type: text/css
--ae9af41b-E--
--ae9af41b-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "2.50.175.79_39b9d0b9af9fc0add5088346622451a7e2717285"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "2.50.175.79_39b9d0b9af9fc0add5088346622451a7e2717285"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/wp-blocks.min.css"] [unique_id "akUdS1OMiB2S1IlzKusiqAAAAAo"]
Stopwatch: 1782914379593671 3614786 (- - -)
Stopwatch2: 1782914379593671 3614786; combined=7075538, p1=245, p2=1755, p3=24, p4=18, p5=3583124, sr=56, sw=1, l=0, gc=3490371
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ae9af41b-Z--
--2511ae6e-A--
[01/Jul/2026:13:59:44.397103 +0000] akUdUO78hS7eI671bASPOAAAANY 162.159.115.20 37440 172.26.37.160 7081
--2511ae6e-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fsudoers.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.20
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145eed5b897b23b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--2511ae6e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2511ae6e-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdUO78hS7eI671bASPOAAAANY"]
Action: Intercepted (phase 2)
Stopwatch: 1782914384394133 3044 (- - -)
Stopwatch2: 1782914384394133 3044; combined=416, p1=270, p2=67, p3=0, p4=0, p5=78, sr=63, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2511ae6e-Z--
--65f52337-A--
[01/Jul/2026:13:59:50.572752 +0000] akUdVlARN0ItUDdAEIzx8wAAAQg 2.50.175.79 37700 172.26.37.160 7081
--65f52337-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--65f52337-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--65f52337-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdVlARN0ItUDdAEIzx8wAAAQg"]
Action: Intercepted (phase 2)
Stopwatch: 1782914390569601 3222 (- - -)
Stopwatch2: 1782914390569601 3222; combined=1906, p1=327, p2=1406, p3=0, p4=0, p5=113, sr=83, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--65f52337-Z--
--9d327316-A--
[01/Jul/2026:14:00:06.500835 +0000] akUdZu78hS7eI671bASPTQAAAMQ 172.71.81.82 44546 172.26.37.160 7081
--9d327316-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fdconf HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.82
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ef5fcabcd287-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9d327316-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9d327316-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdconf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdconf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdZu78hS7eI671bASPTQAAAMQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782914406498529 2378 (- - -)
Stopwatch2: 1782914406498529 2378; combined=438, p1=308, p2=69, p3=0, p4=0, p5=60, sr=88, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9d327316-Z--
--27e4235c-A--
[01/Jul/2026:14:00:06.972045 +0000] akUdZu78hS7eI671bASPTgAAAMA 172.71.81.82 44558 172.26.37.160 7081
--27e4235c-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fpollinate HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.82
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ef62c9bad287-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--27e4235c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--27e4235c-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fpollinate"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fpollinate"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdZu78hS7eI671bASPTgAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782914406969807 2308 (- - -)
Stopwatch2: 1782914406969807 2308; combined=900, p1=299, p2=536, p3=0, p4=0, p5=64, sr=78, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--27e4235c-Z--
--28f39c47-A--
[01/Jul/2026:14:00:20.504598 +0000] akUddO78hS7eI671bASPWgAAAMI 172.71.81.82 48228 172.26.37.160 7081
--28f39c47-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fapparmor HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.82
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145efb75d61d287-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--28f39c47-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--28f39c47-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fapparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fapparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUddO78hS7eI671bASPWgAAAMI"]
Action: Intercepted (phase 2)
Stopwatch: 1782914420502091 2581 (- - -)
Stopwatch2: 1782914420502091 2581; combined=425, p1=284, p2=76, p3=0, p4=0, p5=64, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--28f39c47-Z--
--e5bfe80e-A--
[01/Jul/2026:14:00:21.514884 +0000] akUdde78hS7eI671bASPXgAAAMU 172.71.81.82 48264 172.26.37.160 7081
--e5bfe80e-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fterminfo HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.82
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ef226a2dd287-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e5bfe80e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e5bfe80e-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fterminfo"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fterminfo"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdde78hS7eI671bASPXgAAAMU"]
Action: Intercepted (phase 2)
Stopwatch: 1782914421505239 13653 (- - -)
Stopwatch2: 1782914421505239 13653; combined=377, p1=231, p2=59, p3=0, p4=0, p5=86, sr=62, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e5bfe80e-Z--
--93b6eb77-A--
[01/Jul/2026:14:00:21.946088 +0000] akUddVARN0ItUDdAEIzx-AAAAQk 172.71.81.82 48284 172.26.37.160 7081
--93b6eb77-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fdepmod.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.82
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145ef218893d287-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--93b6eb77-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--93b6eb77-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdepmod.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdepmod.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUddVARN0ItUDdAEIzx-AAAAQk"]
Action: Intercepted (phase 2)
Stopwatch: 1782914421941021 8726 (- - -)
Stopwatch2: 1782914421941021 8726; combined=600, p1=398, p2=105, p3=0, p4=0, p5=96, sr=95, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--93b6eb77-Z--
--1189bb32-A--
[01/Jul/2026:14:00:22.601480 +0000] akUddlARN0ItUDdAEIzx-QAAARg 91.186.252.201 48298 172.26.37.160 7081
--1189bb32-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1189bb32-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1189bb32-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUddlARN0ItUDdAEIzx-QAAARg"]
Action: Intercepted (phase 2)
Stopwatch: 1782914422455099 146449 (- - -)
Stopwatch2: 1782914422455099 146449; combined=287936, p1=311, p2=1959, p3=0, p4=0, p5=142859, sr=69, sw=142807, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1189bb32-Z--
--c3305f52-A--
[01/Jul/2026:14:00:27.733698 +0000] akUde@78hS7eI671bASPYgAAAM0 172.71.81.82 46310 172.26.37.160 7081
--c3305f52-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fcron.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.82
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145efe48b89d287-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c3305f52-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c3305f52-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUde@78hS7eI671bASPYgAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782914427731145 2630 (- - -)
Stopwatch2: 1782914427731145 2630; combined=408, p1=277, p2=66, p3=0, p4=0, p5=64, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c3305f52-Z--
--5fefb05e-A--
[01/Jul/2026:14:00:43.645885 +0000] akUdi9-KBbYPZImIsXsN-gAAAEk 91.186.252.201 41106 172.26.37.160 7081
--5fefb05e-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--5fefb05e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5fefb05e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdi9-KBbYPZImIsXsN-gAAAEk"]
Action: Intercepted (phase 2)
Stopwatch: 1782914443643314 2626 (- - -)
Stopwatch2: 1782914443643314 2626; combined=1484, p1=326, p2=988, p3=0, p4=0, p5=111, sr=91, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5fefb05e-Z--
--1533ff56-A--
[01/Jul/2026:14:00:44.147744 +0000] akUdjN-KBbYPZImIsXsN-wAAAFg 2.50.175.79 40492 172.26.37.160 7081
--1533ff56-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1533ff56-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1533ff56-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdjN-KBbYPZImIsXsN-wAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782914444144691 3135 (- - -)
Stopwatch2: 1782914444144691 3135; combined=2063, p1=377, p2=1516, p3=0, p4=0, p5=110, sr=121, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1533ff56-Z--
--f1e22a55-A--
[01/Jul/2026:14:01:05.383546 +0000] akUdoe78hS7eI671bASPcAAAAMo 2.50.175.79 35412 172.26.37.160 7081
--f1e22a55-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 2.50.175.79
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--f1e22a55-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f1e22a55-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.175.79 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUdoe78hS7eI671bASPcAAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782914465378623 8757 (- - -)
Stopwatch2: 1782914465378623 8757; combined=2309, p1=300, p2=1836, p3=0, p4=0, p5=114, sr=72, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f1e22a55-Z--
--176a3c09-A--
[01/Jul/2026:14:01:31.174955 +0000] akUdu@78hS7eI671bASPfgAAAME 104.23.197.87 35784 172.26.37.160 7081
--176a3c09-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fsw-cp-server HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f1711920910d-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--176a3c09-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--176a3c09-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsw-cp-server"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsw-cp-server"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdu@78hS7eI671bASPfgAAAME"]
Action: Intercepted (phase 2)
Stopwatch: 1782914491172512 2513 (- - -)
Stopwatch2: 1782914491172512 2513; combined=485, p1=341, p2=86, p3=0, p4=0, p5=58, sr=75, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--176a3c09-Z--
--50052f1a-A--
[01/Jul/2026:14:01:42.889250 +0000] akUdxt-KBbYPZImIsXsOHAAAAEQ 104.23.197.87 50266 172.26.37.160 7081
--50052f1a-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fxdg HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f1ba4f33910d-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--50052f1a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--50052f1a-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fxdg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fxdg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUdxt-KBbYPZImIsXsOHAAAAEQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782914502887677 1649 (- - -)
Stopwatch2: 1782914502887677 1649; combined=430, p1=298, p2=82, p3=0, p4=0, p5=50, sr=67, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--50052f1a-Z--
--b911fa45-A--
[01/Jul/2026:14:01:57.790415 +0000] akUd1VARN0ItUDdAEIzyHwAAAQA 91.186.252.201 43642 172.26.37.160 7081
--b911fa45-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b911fa45-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b911fa45-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUd1VARN0ItUDdAEIzyHwAAAQA"]
Action: Intercepted (phase 2)
Stopwatch: 1782914517787841 2635 (- - -)
Stopwatch2: 1782914517787841 2635; combined=1448, p1=320, p2=968, p3=0, p4=0, p5=104, sr=71, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b911fa45-Z--
--548e3c26-A--
[01/Jul/2026:14:02:01.448477 +0000] akUd2e78hS7eI671bASPlAAAAM8 104.23.197.87 43762 172.26.37.160 7081
--548e3c26-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fnetworkd-dispatcher HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f22e4f224b2a-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--548e3c26-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--548e3c26-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fnetworkd-dispatcher"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fnetworkd-dispatcher"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUd2e78hS7eI671bASPlAAAAM8"]
Action: Intercepted (phase 2)
Stopwatch: 1782914521445442 3747 (- - -)
Stopwatch2: 1782914521445442 3747; combined=409, p1=281, p2=67, p3=0, p4=0, p5=60, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--548e3c26-Z--
--a5630052-A--
[01/Jul/2026:14:02:08.383371 +0000] akUd4FARN0ItUDdAEIzyKwAAAQ0 91.186.252.201 58394 172.26.37.160 7081
--a5630052-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a5630052-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a5630052-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUd4FARN0ItUDdAEIzyKwAAAQ0"]
Action: Intercepted (phase 2)
Stopwatch: 1782914528378671 4791 (- - -)
Stopwatch2: 1782914528378671 4791; combined=3746, p1=460, p2=1275, p3=0, p4=0, p5=1052, sr=128, sw=959, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a5630052-Z--
--e496be74-A--
[01/Jul/2026:14:02:10.061532 +0000] akUd4lARN0ItUDdAEIzyLwAAARg 104.23.197.87 58460 172.26.37.160 7081
--e496be74-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fcron.daily HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f2641be14b2a-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e496be74-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e496be74-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.daily"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.daily"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUd4lARN0ItUDdAEIzyLwAAARg"]
Action: Intercepted (phase 2)
Stopwatch: 1782914530059602 2005 (- - -)
Stopwatch2: 1782914530059602 2005; combined=395, p1=282, p2=66, p3=0, p4=0, p5=47, sr=66, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e496be74-Z--
--49980614-A--
[01/Jul/2026:14:02:12.508245 +0000] akUd5O78hS7eI671bASPowAAAMs 104.23.197.87 58618 172.26.37.160 7081
--49980614-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fcron.hourly HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f2736e8a4b2a-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--49980614-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--49980614-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.hourly"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.hourly"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUd5O78hS7eI671bASPowAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782914532505273 3048 (- - -)
Stopwatch2: 1782914532505273 3048; combined=467, p1=304, p2=80, p3=0, p4=0, p5=82, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--49980614-Z--
--62801605-A--
[01/Jul/2026:14:02:14.327387 +0000] akUd5lARN0ItUDdAEIzyPQAAAQw 104.23.197.87 43146 172.26.37.160 7081
--62801605-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fcron.monthly HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.197.87
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f27ecf314b2a-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--62801605-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--62801605-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.monthly"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fcron.monthly"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUd5lARN0ItUDdAEIzyPQAAAQw"]
Action: Intercepted (phase 2)
Stopwatch: 1782914534325633 1845 (- - -)
Stopwatch2: 1782914534325633 1845; combined=415, p1=297, p2=68, p3=0, p4=0, p5=49, sr=81, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--62801605-Z--
--32646e57-A--
[01/Jul/2026:14:02:32.521060 +0000] akUd@FARN0ItUDdAEIzyWwAAAQ8 104.23.243.173 33682 172.26.37.160 7081
--32646e57-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fubuntu-advantage HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.173
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f2f07b51c424-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--32646e57-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--32646e57-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fubuntu-advantage"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fubuntu-advantage"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUd@FARN0ItUDdAEIzyWwAAAQ8"]
Action: Intercepted (phase 2)
Stopwatch: 1782914552517853 6647 (- - -)
Stopwatch2: 1782914552517853 6647; combined=844, p1=710, p2=69, p3=0, p4=0, p5=65, sr=64, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--32646e57-Z--
--a3d3310d-A--
[01/Jul/2026:14:02:36.070087 +0000] akUd-O78hS7eI671bASPxQAAAM4 104.23.243.172 56840 172.26.37.160 7081
--a3d3310d-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fselinux HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.172
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f304fd93c424-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a3d3310d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a3d3310d-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fselinux"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fselinux"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUd-O78hS7eI671bASPxQAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782914556067872 2962 (- - -)
Stopwatch2: 1782914556067872 2962; combined=385, p1=221, p2=93, p3=0, p4=0, p5=70, sr=59, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a3d3310d-Z--
--f50e6c43-A--
[01/Jul/2026:14:02:41.142978 +0000] akUeAVARN0ItUDdAEIzyewAAAQw 104.23.243.173 57204 172.26.37.160 7081
--f50e6c43-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fsensors.d HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.173
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f3265aabc424-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f50e6c43-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f50e6c43-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsensors.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsensors.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeAVARN0ItUDdAEIzyewAAAQw"]
Action: Intercepted (phase 2)
Stopwatch: 1782914561135947 12015 (- - -)
Stopwatch2: 1782914561135947 12015; combined=1303, p1=298, p2=942, p3=0, p4=0, p5=62, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f50e6c43-Z--
--5b59c55b-A--
[01/Jul/2026:14:02:41.683464 +0000] akUeAVARN0ItUDdAEIzyfQAAARM 104.23.243.173 57264 172.26.37.160 7081
--5b59c55b-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fbyobu HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.173
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f329c9b9c424-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--5b59c55b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5b59c55b-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fbyobu"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fbyobu"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeAVARN0ItUDdAEIzyfQAAARM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914561681293 2246 (- - -)
Stopwatch2: 1782914561681293 2246; combined=501, p1=286, p2=64, p3=0, p4=0, p5=150, sr=63, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5b59c55b-Z--
--f1d1bf64-A--
[01/Jul/2026:14:02:42.310750 +0000] akUeAlARN0ItUDdAEIzyggAAAQU 104.23.243.173 57322 172.26.37.160 7081
--f1d1bf64-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fresolvconf HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.173
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f32da9a8c424-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--f1d1bf64-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f1d1bf64-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fresolvconf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fresolvconf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeAlARN0ItUDdAEIzyggAAAQU"]
Action: Intercepted (phase 2)
Stopwatch: 1782914562301143 14587 (- - -)
Stopwatch2: 1782914562301143 14587; combined=1046, p1=820, p2=122, p3=0, p4=0, p5=103, sr=106, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f1d1bf64-Z--
--8c2b3f2a-A--
[01/Jul/2026:14:02:45.113577 +0000] akUeBe78hS7eI671bASP2QAAANg 104.23.243.173 47570 172.26.37.160 7081
--8c2b3f2a-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fufw HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.173
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f33f3df9c424-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8c2b3f2a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8c2b3f2a-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fufw"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fufw"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeBe78hS7eI671bASP2QAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782914565111061 2588 (- - -)
Stopwatch2: 1782914565111061 2588; combined=858, p1=277, p2=529, p3=0, p4=0, p5=51, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8c2b3f2a-Z--
--1f85c872-A--
[01/Jul/2026:14:02:45.537706 +0000] akUeBe78hS7eI671bASP2wAAANI 104.23.243.173 47612 172.26.37.160 7081
--1f85c872-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fdictionaries-common HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.173
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f341cb32c424-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1f85c872-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1f85c872-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdictionaries-common"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdictionaries-common"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeBe78hS7eI671bASP2wAAANI"]
Action: Intercepted (phase 2)
Stopwatch: 1782914565535102 3976 (- - -)
Stopwatch2: 1782914565535102 3976; combined=405, p1=277, p2=70, p3=0, p4=0, p5=57, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1f85c872-Z--
--b03a1e2c-A--
[01/Jul/2026:14:03:01.313528 +0000] akUeFVARN0ItUDdAEIzylwAAARc 91.186.252.201 36954 172.26.37.160 7081
--b03a1e2c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--b03a1e2c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b03a1e2c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUeFVARN0ItUDdAEIzylwAAARc"]
Action: Intercepted (phase 2)
Stopwatch: 1782914581307950 9975 (- - -)
Stopwatch2: 1782914581307950 9975; combined=2361, p1=301, p2=1866, p3=0, p4=0, p5=127, sr=71, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b03a1e2c-Z--
--1a22614d-A--
[01/Jul/2026:14:03:17.349233 +0000] akUeJe78hS7eI671bASQDwAAAMo 172.71.81.81 38540 172.26.37.160 7081
--1a22614d-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Fbash.bashrc&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f408afc7f25b-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1a22614d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1a22614d-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fbash.bashrc&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fbash.bashrc&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeJe78hS7eI671bASQDwAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782914597346892 2450 (- - -)
Stopwatch2: 1782914597346892 2450; combined=517, p1=331, p2=112, p3=0, p4=0, p5=73, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1a22614d-Z--
--571b734f-A--
[01/Jul/2026:14:03:17.820222 +0000] akUeJd-KBbYPZImIsXsOmAAAAFQ 172.71.81.81 38576 172.26.37.160 7081
--571b734f-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fsw-collectd HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f40b9d92f25b-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--571b734f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--571b734f-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsw-collectd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fsw-collectd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeJd-KBbYPZImIsXsOmAAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782914597818185 2162 (- - -)
Stopwatch2: 1782914597818185 2162; combined=684, p1=281, p2=350, p3=0, p4=0, p5=53, sr=67, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--571b734f-Z--
--0c08fe01-A--
[01/Jul/2026:14:03:18.012315 +0000] akUeJu78hS7eI671bASQEgAAAMg 172.71.81.81 38614 172.26.37.160 7081
--0c08fe01-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fimunify-realtime-av HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f40ccfd5f25b-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0c08fe01-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0c08fe01-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fimunify-realtime-av"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fimunify-realtime-av"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeJu78hS7eI671bASQEgAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782914598008494 3918 (- - -)
Stopwatch2: 1782914598008494 3918; combined=414, p1=279, p2=73, p3=0, p4=0, p5=62, sr=64, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0c08fe01-Z--
--01124d66-A--
[01/Jul/2026:14:03:19.976681 +0000] akUeJ1ARN0ItUDdAEIzyywAAAQg 172.71.81.81 38750 172.26.37.160 7081
--01124d66-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fpolkit-1 HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f41908f2f25b-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--01124d66-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--01124d66-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fpolkit-1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fpolkit-1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeJ1ARN0ItUDdAEIzyywAAAQg"]
Action: Intercepted (phase 2)
Stopwatch: 1782914599974041 3603 (- - -)
Stopwatch2: 1782914599974041 3603; combined=400, p1=273, p2=66, p3=0, p4=0, p5=60, sr=60, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--01124d66-Z--
--b45dec5b-A--
[01/Jul/2026:14:03:21.790987 +0000] akUeKe78hS7eI671bASQGwAAAMo 172.71.81.81 38916 172.26.37.160 7081
--b45dec5b-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Facpi HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f4245ddaf25b-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b45dec5b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b45dec5b-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Facpi"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Facpi"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeKe78hS7eI671bASQGwAAAMo"]
Action: Intercepted (phase 2)
Stopwatch: 1782914601788583 2485 (- - -)
Stopwatch2: 1782914601788583 2485; combined=1217, p1=1097, p2=71, p3=0, p4=0, p5=48, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b45dec5b-Z--
--a8d53864-A--
[01/Jul/2026:14:03:22.551348 +0000] akUeKu78hS7eI671bASQHgAAANM 91.186.252.201 39002 172.26.37.160 7081
--a8d53864-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a8d53864-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a8d53864-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUeKu78hS7eI671bASQHgAAANM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914602547339 4070 (- - -)
Stopwatch2: 1782914602547339 4070; combined=2083, p1=962, p2=944, p3=0, p4=0, p5=116, sr=72, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a8d53864-Z--
--47cc0343-A--
[01/Jul/2026:14:03:30.733377 +0000] akUeMt-KBbYPZImIsXsOqgAAAFM 104.22.72.11 35726 172.26.37.160 7081
--47cc0343-B--
GET /wp-sitemap.xml?loknya=%2Fetc%2Fdpkg HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.22.72.11
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a145f45a3cd4d806-SEA
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--47cc0343-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--47cc0343-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdpkg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?loknya=%2Fetc%2Fdpkg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUeMt-KBbYPZImIsXsOqgAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914610730100 4253 (- - -)
Stopwatch2: 1782914610730100 4253; combined=434, p1=306, p2=65, p3=0, p4=0, p5=62, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--47cc0343-Z--
--0813785b-A--
[01/Jul/2026:14:04:04.801384 +0000] akUeVN-KBbYPZImIsXsOuAAAAEo 91.186.252.201 47128 172.26.37.160 7081
--0813785b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0813785b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0813785b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUeVN-KBbYPZImIsXsOuAAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782914644798224 3217 (- - -)
Stopwatch2: 1782914644798224 3217; combined=1824, p1=335, p2=1304, p3=0, p4=0, p5=125, sr=74, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0813785b-Z--
--17cfc255-A--
[01/Jul/2026:14:05:08.422332 +0000] akUelN-KBbYPZImIsXsOyAAAAEM 91.186.252.201 46780 172.26.37.160 7081
--17cfc255-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--17cfc255-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--17cfc255-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUelN-KBbYPZImIsXsOyAAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782914708417507 7416 (- - -)
Stopwatch2: 1782914708417507 7416; combined=2422, p1=911, p2=1317, p3=0, p4=0, p5=131, sr=644, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--17cfc255-Z--
--352d1406-A--
[01/Jul/2026:14:05:19.051521 +0000] akUen@78hS7eI671bASQUgAAAMA 91.186.252.201 51750 172.26.37.160 7081
--352d1406-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--352d1406-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--352d1406-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUen@78hS7eI671bASQUgAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782914719047548 4034 (- - -)
Stopwatch2: 1782914719047548 4034; combined=2515, p1=349, p2=1943, p3=0, p4=0, p5=154, sr=80, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--352d1406-Z--
--2d405253-A--
[01/Jul/2026:14:06:43.545821 +0000] akUe89-KBbYPZImIsXsO4wAAAE0 91.186.252.201 54434 172.26.37.160 7081
--2d405253-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2d405253-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2d405253-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUe89-KBbYPZImIsXsO4wAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782914803542741 3136 (- - -)
Stopwatch2: 1782914803542741 3136; combined=1932, p1=396, p2=1368, p3=0, p4=0, p5=109, sr=75, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2d405253-Z--
--b3602107-A--
[01/Jul/2026:14:07:57.422317 +0000] akUfPd-KBbYPZImIsXsPDQAAAEI 91.186.252.201 58332 172.26.37.160 7081
--b3602107-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b3602107-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b3602107-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUfPd-KBbYPZImIsXsPDQAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782914877417854 6952 (- - -)
Stopwatch2: 1782914877417854 6952; combined=1985, p1=827, p2=949, p3=0, p4=0, p5=133, sr=77, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b3602107-Z--
--5cbd8f3f-A--
[01/Jul/2026:14:08:01.681639 +0000] akUfQVARN0ItUDdAEIzzKAAAAQA 172.71.30.41 58358 172.26.37.160 7081
--5cbd8f3f-B--
GET /products/523093302171?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 172.71.30.41
X-Forwarded-For: 2a03:2880:f806:5::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a145faf70e47dd1d-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:5::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--5cbd8f3f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5cbd8f3f-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/products/523093302171"] [unique_id "akUfQVARN0ItUDdAEIzzKAAAAQA"]
Action: Intercepted (phase 1)
Stopwatch: 1782914881680878 846 (- - -)
Stopwatch2: 1782914881680878 846; combined=241, p1=189, p2=0, p3=0, p4=0, p5=51, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5cbd8f3f-Z--
--ee5e6e68-A--
[01/Jul/2026:14:08:07.957081 +0000] akUfR1ARN0ItUDdAEIzzMAAAARI 91.186.252.201 55558 172.26.37.160 7081
--ee5e6e68-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--ee5e6e68-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ee5e6e68-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUfR1ARN0ItUDdAEIzzMAAAARI"]
Action: Intercepted (phase 2)
Stopwatch: 1782914887953123 4048 (- - -)
Stopwatch2: 1782914887953123 4048; combined=1914, p1=335, p2=1407, p3=0, p4=0, p5=111, sr=75, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ee5e6e68-Z--
--3599d55a-A--
[01/Jul/2026:14:08:24.201866 +0000] akUfVu78hS7eI671bASQwgAAANI 34.72.176.129 39968 172.26.37.160 7081
--3599d55a-B--
GET /wp-content/cache/speedycache/www.preemptivestrategies.hk/assets/82ccf33e8c1f6498-post-2888.css HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 34.72.176.129
X-Accel-Internal: /internal-nginx-static-location
pragma: no-cache
cache-control: no-cache
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.preemptivestrategies.hk/
accept-encoding: gzip, deflate, br
priority: u=0
--3599d55a-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/cache/speedycache/www.preemptivestrategies.hk/assets/82ccf33e8c1f6498-post-2888.css
Cache-Control: public
Content-Length: 0
Content-Type: text/css
--3599d55a-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "2.50.175.79_8e0fd5ff87242da8d311b8799420e4b6b86701e8"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "2.50.175.79_8e0fd5ff87242da8d311b8799420e4b6b86701e8"): Internal error (specific information not available) [hostname "www.preemptivestrategies.hk"] [uri "/wp-content/cache/speedycache/www.preemptivestrategies.hk/assets/82ccf33e8c1f6498-post-2888.css"] [unique_id "akUfVu78hS7eI671bASQwgAAANI"]
Stopwatch: 1782914902901619 1300694 (- - -)
Stopwatch2: 1782914902901619 1300694; combined=2569430, p1=213, p2=1865, p3=26, p4=25, p5=1283670, sr=53, sw=1, l=0, gc=1283630
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3599d55a-Z--
--38a8a83b-A--
[01/Jul/2026:14:08:41.115981 +0000] akUfaVARN0ItUDdAEIzzhQAAAQQ 104.22.1.16 52326 172.26.37.160 7081
--38a8a83b-B--
GET /items/R476688626/?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.1.16
X-Forwarded-For: 2a03:2880:f806:1f::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a145fbefec90375b-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:1f::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--38a8a83b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--38a8a83b-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/items/R476688626/"] [unique_id "akUfaVARN0ItUDdAEIzzhQAAAQQ"]
Action: Intercepted (phase 1)
Stopwatch: 1782914921098604 17472 (- - -)
Stopwatch2: 1782914921098604 17472; combined=194, p1=146, p2=0, p3=0, p4=0, p5=47, sr=54, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--38a8a83b-Z--
--a80ba52b-A--
[01/Jul/2026:14:09:11.292459 +0000] akUfh@78hS7eI671bASRLwAAAMw 91.186.252.201 36486 172.26.37.160 7081
--a80ba52b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 91.186.252.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--a80ba52b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a80ba52b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.186.252.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUfh@78hS7eI671bASRLwAAAMw"]
Action: Intercepted (phase 2)
Stopwatch: 1782914951289352 3161 (- - -)
Stopwatch2: 1782914951289352 3161; combined=2000, p1=625, p2=1203, p3=0, p4=0, p5=112, sr=72, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a80ba52b-Z--
--746d7b7a-A--
[01/Jul/2026:14:11:44.813688 +0000] akUgIO78hS7eI671bASSTAAAAMM 172.71.81.81 47228 172.26.37.160 7081
--746d7b7a-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Faccess_log.processed&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a146006c4a8b8a31-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--746d7b7a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--746d7b7a-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUgIO78hS7eI671bASSTAAAAMM"]
Action: Intercepted (phase 2)
Stopwatch: 1782915104811632 2132 (- - -)
Stopwatch2: 1782915104811632 2132; combined=940, p1=328, p2=562, p3=0, p4=0, p5=50, sr=72, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--746d7b7a-Z--
--b1f5e429-A--
[01/Jul/2026:14:12:19.824506 +0000] akUgQ1ARN0ItUDdAEIz03gAAAQA 172.71.81.81 40764 172.26.37.160 7081
--b1f5e429-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Ferror_log&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14601471bf3ecfa-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--b1f5e429-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b1f5e429-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/error_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/error_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/error_log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/error_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/error_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/error_log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUgQ1ARN0ItUDdAEIz03gAAAQA"]
Action: Intercepted (phase 2)
Stopwatch: 1782915139821712 2896 (- - -)
Stopwatch2: 1782915139821712 2896; combined=880, p1=298, p2=523, p3=0, p4=0, p5=58, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b1f5e429-Z--
--c6863e66-A--
[01/Jul/2026:14:12:26.448229 +0000] akUgSlARN0ItUDdAEIz03wAAAQs 162.159.115.14 47274 172.26.37.160 7081
--c6863e66-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Faccess_log.processed.2.gz&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.14
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a146016d9a9f231f-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c6863e66-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c6863e66-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUgSlARN0ItUDdAEIz03wAAAQs"]
Action: Intercepted (phase 2)
Stopwatch: 1782915146445408 2906 (- - -)
Stopwatch2: 1782915146445408 2906; combined=1282, p1=712, p2=513, p3=0, p4=0, p5=57, sr=79, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c6863e66-Z--
--ef65420e-A--
[01/Jul/2026:14:12:35.752230 +0000] akUgU1ARN0ItUDdAEIz04gAAARI 162.159.115.14 33078 172.26.37.160 7081
--ef65420e-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Faccess_log.webstat&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.14
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14601aab963231f-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ef65420e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ef65420e-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.webstat"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.webstat"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUgU1ARN0ItUDdAEIz04gAAARI"]
Action: Intercepted (phase 2)
Stopwatch: 1782915155749137 3171 (- - -)
Stopwatch2: 1782915155749137 3171; combined=898, p1=313, p2=524, p3=0, p4=0, p5=61, sr=72, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ef65420e-Z--
--e369c775-A--
[01/Jul/2026:14:12:46.542597 +0000] akUgXt-KBbYPZImIsXsQVgAAAEI 172.71.81.81 42308 172.26.37.160 7081
--e369c775-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Faccess_log.processed.3.gz&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14601ee1f4f8a31-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e369c775-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e369c775-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUgXt-KBbYPZImIsXsQVgAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782915166539373 3295 (- - -)
Stopwatch2: 1782915166539373 3295; combined=1487, p1=310, p2=1119, p3=0, p4=0, p5=57, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e369c775-Z--
--cdbcf56b-A--
[01/Jul/2026:14:13:02.837555 +0000] akUgbu78hS7eI671bASSUwAAANI 172.71.81.81 59564 172.26.37.160 7081
--cdbcf56b-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Ferror_log.2.gz&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1460253f914a151-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--cdbcf56b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cdbcf56b-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/error_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/error_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/error_log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/error_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/error_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/error_log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUgbu78hS7eI671bASSUwAAANI"]
Action: Intercepted (phase 2)
Stopwatch: 1782915182834410 3226 (- - -)
Stopwatch2: 1782915182834410 3226; combined=910, p1=300, p2=546, p3=0, p4=0, p5=63, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cdbcf56b-Z--
--80626819-A--
[01/Jul/2026:14:13:25.672605 +0000] akUghd-KBbYPZImIsXsQWgAAAEY 172.71.81.81 46374 172.26.37.160 7081
--80626819-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Faccess_log.processed.7.gz&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14602dadd18f8ab-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--80626819-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--80626819-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.7.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.7.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUghd-KBbYPZImIsXsQWgAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782915205669789 2890 (- - -)
Stopwatch2: 1782915205669789 2890; combined=1080, p1=293, p2=720, p3=0, p4=0, p5=67, sr=74, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--80626819-Z--
--6a936653-A--
[01/Jul/2026:14:14:16.595254 +0000] akUguO78hS7eI671bASSbQAAANQ 172.71.81.81 40878 172.26.37.160 7081
--6a936653-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Ferror_log.3.gz&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1460420da7acf89-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6a936653-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6a936653-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/error_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/error_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/error_log.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/error_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/error_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/error_log.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUguO78hS7eI671bASSbQAAANQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782915256592720 2617 (- - -)
Stopwatch2: 1782915256592720 2617; combined=904, p1=345, p2=497, p3=0, p4=0, p5=62, sr=68, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6a936653-Z--
--0c223331-A--
[01/Jul/2026:14:14:20.632486 +0000] akUgvO78hS7eI671bASSbgAAANE 172.71.81.81 40908 172.26.37.160 7081
--0c223331-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs%2Faccess_log.processed.5.gz&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Flogs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 172.71.81.81
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a146043a2ce92407-SIN
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0c223331-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0c223331-H--
Message: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.5.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "logs/access_log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: logs/access_log found within ARGS:lokasie: /var/www/vhosts/simottodesign.com/logs/access_log.processed.5.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUgvO78hS7eI671bASSbgAAANE"]
Action: Intercepted (phase 2)
Stopwatch: 1782915260630133 2453 (- - -)
Stopwatch2: 1782915260630133 2453; combined=892, p1=311, p2=530, p3=0, p4=0, p5=50, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0c223331-Z--
--8fa82043-A--
[01/Jul/2026:14:35:53.603638 +0000] akUlyfellgjTnFA9ZpU@ZgAAAAw 172.71.95.111 58740 172.26.37.160 7081
--8fa82043-B--
GET /.git/HEAD HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.71.95.111
X-Forwarded-For: 141.11.62.23
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14623c91b57fffa-AMS
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
accept-encoding: gzip, br
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 141.11.62.23
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8fa82043-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8fa82043-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/.git/HEAD"] [unique_id "akUlyfellgjTnFA9ZpU@ZgAAAAw"]
Action: Intercepted (phase 1)
Stopwatch: 1782916553602447 1454 (- - -)
Stopwatch2: 1782916553602447 1454; combined=273, p1=187, p2=0, p3=0, p4=0, p5=86, sr=68, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8fa82043-Z--
--83a98906-A--
[01/Jul/2026:14:35:55.965825 +0000] akUly-ellgjTnFA9ZpU@aQAAABM 172.71.95.95 48496 172.26.37.160 7081
--83a98906-B--
GET /.git/config HTTP/1.1
Host: immunehk.com
X-Real-IP: 172.71.95.95
X-Forwarded-For: 141.11.62.23
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14623d83f67fffa-AMS
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0
accept-encoding: gzip, br
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 141.11.62.23
cf-ipcountry: NL
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--83a98906-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 14 Apr 2026 05:11:04 GMT
ETag: "31b-64f64a03f923e"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--83a98906-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "immunehk.com"] [uri "/.git/config"] [unique_id "akUly-ellgjTnFA9ZpU@aQAAABM"]
Action: Intercepted (phase 1)
Stopwatch: 1782916555965194 724 (- - -)
Stopwatch2: 1782916555965194 724; combined=258, p1=191, p2=0, p3=0, p4=0, p5=66, sr=89, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--83a98906-Z--
--9b36bd08-A--
[01/Jul/2026:14:36:24.837940 +0000] akUl41ARN0ItUDdAEIz26AAAAQk 113.10.222.11 53606 172.26.37.160 7081
--9b36bd08-B--
GET / HTTP/1.1
Host: eonhk.com
X-Real-IP: 113.10.222.11
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua: "Microsoft Edge";v="149", "Chromium";v="149", "Not)A;Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36 Edg/149.0.0.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=0, i
cookie: _ga=GA1.1.1427380917.1756197464; hide-bg-blur-effect=true; _gcl_au=1.1.403623478.1779873444; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2026-06-29%2004%3A06%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_first_add=fd%3D2026-06-29%2004%3A06%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F149.0.0.0%20Safari%2F537.36%20Edg%2F149.0.0.0; woodmart_recently_viewed_products=10192; _ga_JWZNZZ0JR8=GS2.1.s1782705979$o106$g1$t1782706007$j32$l0$h138627116
--9b36bd08-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.2.31
Link: <https://eonhk.com/wp-json/>; rel="https://api.w.org/", <https://eonhk.com/wp-json/wp/v2/pages/18>; rel="alternate"; title="JSON"; type="application/json", <https://eonhk.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 47276
Content-Type: text/html; charset=UTF-8
--9b36bd08-E--
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<link rel="profile" href="https://gmpg.org/xfn/11">
<link rel="pingback" href="https://eonhk.com/xmlrpc.php">
<!-- Google Tag Manager -->
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','GTM-M6SVZ44V');</script>
<!-- End Google Tag Manager -->
<meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />
<!-- This site is optimized with the Yoast SEO plugin v25.9 - https://yoast.com/wordpress/plugins/seo/ -->
<title>Home - EON Rental Limited - Event Furniture Rental for Outdoor Event</title>
<link rel="canonical" href="https://eonhk.com/" />
<meta property="og:locale" content="en_US" />
<meta property="og:type" content="website" />
<meta property="og:title" content="Home - EON Rental Limited - Event Furniture Rental for Outdoor Event" />
<meta property="og:description" content="EON COLLECTIONS FEATURED CATEGORIES Best Furniture and AV Equipment Rental Service. Outdoor 戶外傢俬 (51) 51 products Furniture 傢俬 (95) 95" />
<meta property="og:url" content="https://eonhk.com/" />
<meta property="og:site_name" content="EON Rental Limited - Event Furniture Rental for Outdoor Event" />
<meta property="article:modified_time" content="2026-06-24T06:39:39+00:00" />
<meta property="og:image" content="https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg" />
<meta name="twitter:card" content="summary_large_image" />
<script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebPage","@id":"https://eonhk.com/","url":"https://eonhk.com/","name":"Home - EON Rental Limited - Event Furniture Rental for Outdoor Event","isPartOf":{"@id":"https://eonhk.com/#website"},"primaryImageOfPage":{"@id":"https://eonhk.com/#primaryimage"},"image":{"@id":"https://eonhk.com/#primaryimage"},"thumbnailUrl":"https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg","datePublished":"2021-08-26T12:13:00+00:00","dateModified":"2026-06-24T06:39:39+00:00","breadcrumb":{"@id":"https://eonhk.com/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https://eonhk.com/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https://eonhk.com/#primaryimage","url":"https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg","contentUrl":"https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg","width":1200,"height":1200},{"@type":"BreadcrumbList","@id":"https://eonhk.com/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home"}]},{"@type":"WebSite","@id":"https://eonhk.com/#website","url":"https://eonhk.com/","name":"EON Rental Limited - Event Furniture Rental for Outdoor Event","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https://eonhk.com/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}</script>
<!-- / Yoast SEO plugin. -->
<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel="alternate" type="application/rss+xml" title="EON Rental Limited - Event Furniture Rental for Outdoor Event » Feed" href="https://eonhk.com/feed/" />
<link rel="alternate" type="application/rss+xml" title="EON Rental Limited - Event Furniture Rental for Outdoor Event » Comments Feed" href="https://eonhk.com/comments/feed/" />
<link rel="alternate" title="oEmbed (JSON)" type="application/json+oembed" href="https://eonhk.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Feonhk.com%2F" />
<link rel="alternate" title="oEmbed (XML)" type="text/xml+oembed" href="https://eonhk.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Feonhk.com%2F&format=xml" />
<style id="wp-img-auto-sizes-contain-inline-css">
img:is([sizes=auto i],[sizes^="auto," i]){contain-intrinsic-size:3000px 1500px}
/*# sourceURL=wp-img-auto-sizes-contain-inline-css */
</style>
<style id="classic-theme-styles-inline-css">
/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}
/*# sourceURL=/wp-includes/css/classic-themes.min.css */
</style>
<link rel='stylesheet' id='wc-blocks-style-css' href='https://eonhk.com/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-10.1.2' media='all' />
<style id="global-styles-inline-css">
:root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgb(6,147,227) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgb(252,185,0) 0%,rgb(255,105,0) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgb(255,105,0) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgb(255, 255, 255), 6px 6px rgb(0, 0, 0);--wp--preset--shadow--crisp: 6px 6px 0px rgb(0, 0, 0);}:where(body) { margin: 0; }:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}body{padding-top: 0px;padding-right: 0px;padding-bottom: 0px;padding-left: 0px;}:root :where(.wp-element-button, .wp-block-button__link){background-color: #32373c;border-width: 0;color: #fff;font-family: inherit;font-size: inherit;font-style: inherit;font-weight: inherit;letter-spacing: inherit;line-height: inherit;padding-top: calc(0.667em + 2px);padding-right: calc(1.333em + 2px);padding-bottom: calc(0.667em + 2px);padding-left: calc(1.333em + 2px);text-decoration: none;text-transform: inherit;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
/*# sourceURL=global-styles-inline-css */
</style>
<link rel='stylesheet' id='wapf-frontend-css-css' href='https://eonhk.com/wp-content/plugins/advanced-product-fields-for-woocommerce/assets/css/frontend.min.css?ver=1.6.17' media='all' />
<link rel='stylesheet' id='sr7css-css' href='//eonhk.com/wp-content/plugins/slider-revolution-master/public/css/sr7.css?ver=6.7.20' media='all' />
<style id="woocommerce-inline-inline-css">
.woocommerce form .form-row .required { visibility: visible; }
/*# sourceURL=woocommerce-inline-inline-css */
</style>
<link rel='stylesheet' id='brands-styles-css' href='https://eonhk.com/wp-content/plugins/woocommerce/assets/css/brands.css?ver=10.1.2' media='all' />
<link rel='stylesheet' id='chaty-front-css-css' href='https://eonhk.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.4.81745577107' media='all' />
<link rel='stylesheet' id='elementor-frontend-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.26.0' media='all' />
<link rel='stylesheet' id='elementor-post-6-css' href='https://eonhk.com/wp-content/uploads/elementor/css/post-6.css?ver=1759918866' media='all' />
<link rel='stylesheet' id='elementor-post-18-css' href='https://eonhk.com/wp-content/uploads/elementor/css/post-18.css?ver=1782283179' media='all' />
<link rel='stylesheet' id='woodmart-style-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-helpers-wpb-elem-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/helpers-wpb-elem.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-recent-post-comments-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-wd-recent-posts-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-wd-recent-posts.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-nav-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-nav.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-wd-layered-nav-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-wd-layered-nav.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-swatches-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-swatches-filter-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-filter.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-product-cat-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-cat.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-product-list-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-list.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wpcf7-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-wpcf7.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-revolution-slider-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-paypal-payments-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-woo-paypal-payments.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-elementor-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/int-elem-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woocommerce-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woocommerce-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-star-rating-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-star-rating.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-el-track-order-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-el-track-order.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woocommerce-block-notices-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-block-notices.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wp-blocks-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wp-blocks.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-tools-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-elements-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-social-icons-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-social-icons.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-search-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-search-form-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search-form.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wd-search-results-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-results.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wd-search-form-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-wd-search-cat-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-cat.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-my-account-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-my-account.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-cart-side-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart-side.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-cart-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-shopping-cart-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-shopping-cart.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-mobile-nav-dropdown-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-mobile-nav-dropdown.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-header-categories-nav-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-category-nav.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-nav-vertical-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-nav-vertical-design-default-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical-design-default.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-button-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-button.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-section-title-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-section-title.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-el-subtitle-style-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-subtitle-style.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-categories-loop-center-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-center-old.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-categories-loop-layout-masonry-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-layout-masonry.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-categories-loop-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-categories-loop-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-old.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-tabs-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-tabs.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-product-tabs-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-product-tabs.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-sticky-loader-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-sticky-loader.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-product-loop-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-product-loop-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-add-btn-replace-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-add-btn-replace.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mod-more-description-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-more-description.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-product-labels-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-woo-mod-product-labels-round-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels-round.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-mfp-popup-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-swiper-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-slider-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-slider.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-animations-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-animations-transform.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-info-box-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-swiper-arrows-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-arrows.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-swiper-pagin-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-pagin.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-text-block-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-text-block.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-blog-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-blog-loop-base-old-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-base-old.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-blog-loop-design-masonry-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-design-masonry.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-image-gallery-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-gallery.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-widget-collapse-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-widget-collapse.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-footer-base-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-list-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-el-list-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list-wpb-elem.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='wd-scroll-top-css' href='https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='xts-style-header_153799-css' href='https://eonhk.com/wp-content/uploads/2025/05/xts-header_153799-1748323841.css?ver=8.0.4' media='all' />
<link rel='stylesheet' id='xts-google-fonts-css' href='https://fonts.googleapis.com/css?family=Lato:400,700%7CPoppins:400,600,500&ver=8.0.4' media='all' />
<link rel='stylesheet' id='google-fonts-1-css' href='https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap&ver=7.0' media='all' />
<link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin><script id="jquery-core-js" src="https://eonhk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1"></script>
<script id="jquery-migrate-js" src="https://eonhk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1"></script>
<script async data-wp-strategy="async" id="tp-tools-js" src="//eonhk.com/wp-content/plugins/slider-revolution-master/public/js/libs/tptools.js?ver=6.7.20"></script>
<script async data-wp-strategy="async" id="sr7-js" src="//eonhk.com/wp-content/plugins/slider-revolution-master/public/js/sr7.js?ver=6.7.20"></script>
<script data-wp-strategy="defer" defer id="jquery-blockui-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.10.1.2"></script>
<script id="wc-add-to-cart-js-extra">
var wc_add_to_cart_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","i18n_view_cart":"View cart","cart_url":"https://eonhk.com/cart/","is_cart":"","cart_redirect_after_add":"no"};
//# sourceURL=wc-add-to-cart-js-extra
</script>
<script data-wp-strategy="defer" defer id="wc-add-to-cart-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=10.1.2"></script>
<script data-wp-strategy="defer" defer id="js-cookie-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.10.1.2"></script>
<script id="woocommerce-js-extra">
var woocommerce_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","i18n_password_show":"Show password","i18n_password_hide":"Hide password"};
//# sourceURL=woocommerce-js-extra
</script>
<script data-wp-strategy="defer" defer id="woocommerce-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=10.1.2"></script>
<script id="wd-device-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/device.min.js?ver=8.0.4"></script>
<script id="wd-scrollbar-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=8.0.4"></script>
<link rel="https://api.w.org/" href="https://eonhk.com/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://eonhk.com/wp-json/wp/v2/pages/18" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://eonhk.com/xmlrpc.php?rsd" />
<meta name="generator" content="WordPress 7.0" />
<meta name="generator" content="WooCommerce 10.1.2" />
<link rel='shortlink' href='https://eonhk.com/' />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<noscript><style>.woocommerce-product-gallery{ opacity: 1 !important; }</style></noscript>
<meta name="generator" content="Elementor 3.26.0; features: e_font_icon_svg, additional_custom_breakpoints, e_element_cache; settings: css_print_method-external, google_font-enabled, font_display-swap">
<style>.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style> <style>
.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload),
.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) * {
background-image: none !important;
}
@media screen and (max-height: 1024px) {
.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload),
.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) * {
background-image: none !important;
}
}
@media screen and (max-height: 640px) {
.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload),
.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) * {
background-image: none !important;
}
}
</style>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin>
<meta name="generator" content="Powered by Slider Revolution 6.7.20 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface." />
<link rel="icon" href="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo-150x150.png" sizes="32x32" />
<link rel="icon" href="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo.png" />
<meta name="msapplication-TileImage" content="https://eonhk.com/wp-content/uploads/2024/10/EON-favicon-logo.png" />
<script>
window._tpt ??= {};
window.SR7 ??= {};
_tpt.R ??= {};
_tpt.R.fonts ??= {};
_tpt.R.fonts.customFonts??= {};
SR7.devMode = false;
SR7.F ??= {};
SR7.G ??= {};
SR7.LIB ??= {};
SR7.E ??= {};
SR7.E.gAddons ??= {};
SR7.E.php ??= {};
SR7.E.nonce = '8912804d85';
SR7.E.ajaxurl = 'https://eonhk.com/wp-admin/admin-ajax.php';
SR7.E.resturl = 'https://eonhk.com/wp-json/';
SR7.E.slug_path = 'slider-revolution-master/revslider.php';
SR7.E.slug = 'revslider';
SR7.E.plugin_url = 'https://eonhk.com/wp-content/plugins/slider-revolution-master/';
SR7.E.wp_plugin_url = 'https://eonhk.com/wp-content/plugins/';
SR7.E.revision = '6.7.20';
SR7.E.fontBaseUrl = '//fonts.googleapis.com/css2?family=';
SR7.G.breakPoints = [1240,1024,778,480];
SR7.E.modules = ['module','page','slide','layer','draw','animate','srtools','canvas','defaults','carousel','navigation','media','modifiers','migration'];
SR7.E.libs = ['WEBGL'];
SR7.E.css = ['csslp','cssbtns','cssfilters','cssnav','cssmedia'];
SR7.E.resources = {};
SR7.JSON ??= {};
/*! Slider Revolution 7.0 - Page Processor */
!function(){"use strict";window.SR7??={},window._tpt??={},SR7.version="Slider Revolution 6.7.16",_tpt.getWinDim=function(t){_tpt.screenHeightWithUrlBar??=window.innerHeight;let e=SR7.F?.modal?.visible&&SR7.M[SR7.F.module.getIdByAlias(SR7.F.modal.requested)];_tpt.scrollBar=window.innerWidth!==document.documentElement.clientWidth||e&&window.innerWidth!==e.c.module.clientWidth,_tpt.winW=window.innerWidth-(_tpt.scrollBar||"prepare"==t?_tpt.scrollBarW??_tpt.mesureScrollBar():0),_tpt.winH=window.innerHeight,_tpt.winWAll=document.documentElement.clientWidth},_tpt.getResponsiveLevel=function(t,e){SR7.M[e];return _tpt.closestGE(t,_tpt.winWAll)},_tpt.mesureScrollBar=function(){let t=document.createElement("div");return t.className="RSscrollbar-measure",t.style.width="100px",t.style.height="100px",t.style.overflow="scroll",t.style.position="absolute",t.style.top="-9999px",document.body.appendChild(t),_tpt.scrollBarW=t.offsetWidth-t.clientWidth,document.body.removeChild(t),_tpt.scrollBarW},_tpt.loadCSS=async function(t,e,s){return s?_tpt.R.fonts.required[e].status=1:(_tpt.R[e]??={},_tpt.R[e].status=1),new Promise(((n,i)=>{if(_tpt.isStylesheetLoaded(t))s?_tpt.R.fonts.required[e].status=2:_tpt.R[e].status=2,n();else{const l=document.createElement("link");l.rel="stylesheet";let o="text",r="css";l["type"]=o+"/"+r,l.href=t,l.onload=()=>{s?_tpt.R.fonts.required[e].status=2:_tpt.R[e].status=2,n()},l.onerror=()=>{s?_tpt.R.fonts.required[e].status=3:_tpt.R[e].status=3,i(new Error(`Failed to load CSS: ${t}`))},document.head.appendChild(l)}}))},_tpt.addContainer=function(t){const{tag:e="div",id:s,class:n,datas:i,textContent:l,iHTML:o}=t,r=document.createElement(e);if(s&&""!==s&&(r.id=s),n&&""!==n&&(r.className=n),i)for(const[t,e]of Object.entries(i))"style"==t?r.style.cssText=e:r.setAttribute(`data-${t}`,e);return l&&(r.textContent=l),o&&(r.innerHTML=o),r},_tpt.collector=function(){return{fragment:new DocumentFragment,add(t){var e=_tpt.addContainer(t);return this.fragment.appendChild(e),e},append(t){t.appendChild(this.fragment)}}},_tpt.isStylesheetLoaded=function(t){let e=t.split("?")[0];return Array.from(document.querySelectorAll('link[rel="stylesheet"], link[rel="preload"]')).some((t=>t.href.split("?")[0]===e))},_tpt.preloader={requests:new Map,preloaderTemplates:new Map,show:function(t,e){if(!e||!t)return;const{type:s,color:n}=e;if(s<0||"off"==s)return;const i=`preloader_${s}`;let l=this.preloaderTemplates.get(i);l||(l=this.build(s,n),this.preloaderTemplates.set(i,l)),this.requests.has(t)||this.requests.set(t,{count:0});const o=this.requests.get(t);clearTimeout(o.timer),o.count++,1===o.count&&(o.timer=setTimeout((()=>{o.preloaderClone=l.cloneNode(!0),o.anim&&o.anim.kill(),void 0!==_tpt.gsap?o.anim=_tpt.gsap.fromTo(o.preloaderClone,1,{opacity:0},{opacity:1}):o.preloaderClone.classList.add("sr7-fade-in"),t.appendChild(o.preloaderClone)}),150))},hide:function(t){if(!this.requests.has(t))return;const e=this.requests.get(t);e.count--,e.count<0&&(e.count=0),e.anim&&e.anim.kill(),0===e.count&&(clearTimeout(e.timer),e.preloaderClone&&(e.preloaderClone.classList.remove("sr7-fade-in"),e.anim=_tpt.gsap.to(e.preloaderClone,.3,{opacity:0,onComplete:function(){e.preloaderClone.remove()}})))},state:function(t){if(!this.requests.has(t))return!1;return this.requests.get(t).count>0},build:(t,e="#ffffff",s="")=>{if(t<0||"off"===t)return null;const n=parseInt(t);if(t="prlt"+n,isNaN(n))return null;if(_tpt.loadCSS(SR7.E.plugin_url+"public/css/preloaders/t"+n+".css","preloader_"+t),isNaN(n)||n<6){const i=`background-color:${e}`,l=1===n||2==n?i:"",o=3===n||4==n?i:"",r=_tpt.collector();["dot1","dot2","bounce1","bounce2","bounce3"].forEach((t=>r.add({tag:"div",class:t,datas:{style:o}})));const d=_tpt.addContainer({tag:"sr7-prl",class:`${t} ${s}`,datas:{style:l}});return r.append(d),d}{let i={};if(7===n){let t;e.startsWith("#")?(t=e.replace("#",""),t=`rgba(${parseInt(t.substring(0,2),16)}, ${parseInt(t.substring(2,4),16)}, ${parseInt(t.substring(4,6),16)}, `):e.startsWith("rgb")&&(t=e.slice(e.indexOf("(")+1,e.lastIndexOf(")")).split(",").map((t=>t.trim())),t=`rgba(${t[0]}, ${t[1]}, ${t[2]}, `),t&&(i.style=`border-top-color: ${t}0.65); border-bottom-color: ${t}0.15); border-left-color: ${t}0.65); border-right-color: ${t}0.15)`)}else 12===n&&(i.style=`background:${e}`);const l=[10,0,4,2,5,9,0,4,4,2][n-6],o=_tpt.collector(),r=o.add({tag:"div",class:"sr7-prl-inner",datas:i});Array.from({length:l}).forEach((()=>r.appendChild(o.add({tag:"span",datas:{style:`background:${e}`}}))));const d=_tpt.addContainer({tag:"sr7-prl",class:`${t} ${s}`});return o.append(d),d}}},SR7.preLoader={show:(t,e)=>{"off"!==(SR7.M[t]?.settings?.pLoader?.type??"off")&&_tpt.preloader.show(e||SR7.M[t].c.module,SR7.M[t]?.settings?.pLoader??{color:"#fff",type:10})},hide:(t,e)=>{"off"!==(SR7.M[t]?.settings?.pLoader?.type??"off")&&_tpt.preloader.hide(e||SR7.M[t].c.module)},state:(t,e)=>_tpt.preloader.state(e||SR7.M[t].c.module)},_tpt.prepareModuleHeight=function(t){window.SR7.M??={},window.SR7.M[t.id]??={},"ignore"==t.googleFont&&(SR7.E.ignoreGoogleFont=!0);let e=window.SR7.M[t.id];if(null==_tpt.scrollBarW&&_tpt.mesureScrollBar(),e.c??={},e.states??={},e.settings??={},e.settings.size??={},t.fixed&&(e.settings.fixed=!0),e.c.module=document.getElementById(t.id),e.c.adjuster=e.c.module.getElementsByTagName("sr7-adjuster")[0],e.c.content=e.c.module.getElementsByTagName("sr7-content")[0],"carousel"==t.type&&(e.c.carousel=e.c.content.getElementsByTagName("sr7-carousel")[0]),null==e.c.module||null==e.c.module)return;t.plType&&t.plColor&&(e.settings.pLoader={type:t.plType,color:t.plColor}),void 0!==t.plType&&"off"!==t.plType&&SR7.preLoader.show(t.id,e.c.module),_tpt.winW||_tpt.getWinDim("prepare"),_tpt.getWinDim();let s=""+e.c.module.dataset?.modal;"modal"==s||"true"==s||"undefined"!==s&&"false"!==s||(e.settings.size.fullWidth=t.size.fullWidth,e.LEV??=_tpt.getResponsiveLevel(window.SR7.G.breakPoints,t.id),t.vpt=_tpt.fillArray(t.vpt,5),e.settings.vPort=t.vpt[e.LEV],void 0!==t.el&&"720"==t.el[4]&&t.gh[4]!==t.el[4]&&"960"==t.el[3]&&t.gh[3]!==t.el[3]&&"768"==t.el[2]&&t.gh[2]!==t.el[2]&&delete t.el,e.settings.size.height=null==t.el||null==t.el[e.LEV]||0==t.el[e.LEV]||"auto"==t.el[e.LEV]?_tpt.fillArray(t.gh,5,-1):_tpt.fillArray(t.el,5,-1),e.settings.size.width=_tpt.fillArray(t.gw,5,-1),e.settings.size.minHeight=_tpt.fillArray(t.mh??[0],5,-1),e.cacheSize={fullWidth:e.settings.size?.fullWidth,fullHeight:e.settings.size?.fullHeight},void 0!==t.off&&(t.off?.t&&(e.settings.size.m??={})&&(e.settings.size.m.t=t.off.t),t.off?.b&&(e.settings.size.m??={})&&(e.settings.size.m.b=t.off.b),t.off?.l&&(e.settings.size.p??={})&&(e.settings.size.p.l=t.off.l),t.off?.r&&(e.settings.size.p??={})&&(e.settings.size.p.r=t.off.r),e.offsetPrepared=!0),_tpt.updatePMHeight(t.id,t,!0))},_tpt.updatePMHeight=(t,e,s)=>{let n=SR7.M[t];var i=n.settings.size.fullWidth?_tpt.winW:n.c.module.parentNode.offsetWidth;i=0===i||isNaN(i)?_tpt.winW:i;let l=n.settings.size.width[n.LEV]||n.settings.size.width[n.LEV++]||n.settings.size.width[n.LEV--]||i,o=n.settings.size.height[n.LEV]||n.settings.size.height[n.LEV++]||n.settings.size.height[n.LEV--]||0,r=n.settings.size.minHeight[n.LEV]||n.settings.size.minHeight[n.LEV++]||n.settings.size.minHeight[n.LEV--]||0;if(o="auto"==o?0:o,o=parseInt(o),"carousel"!==e.type&&(i-=parseInt(e.onw??0)||0),n.MP=!n.settings.size.fullWidth&&i<l||_tpt.winW<l?Math.min(1,i/l):1,e.size.fullScreen||e.size.fullHeight){let t=parseInt(e.fho)||0,s=(""+e.fho).indexOf("%")>-1;e.newh=_tpt.winH-(s?_tpt.winH*t/100:t)}else e.newh=n.MP*Math.max(o,r);if(e.newh+=(parseInt(e.onh??0)||0)+(parseInt(e.carousel?.pt)||0)+(parseInt(e.carousel?.pb)||0),void 0!==e.slideduration&&(e.newh=Math.max(e.newh,parseInt(e.slideduration)/3)),e.shdw&&_tpt.buildShadow(e.id,e),n.c.adjuster.style.height=e.newh+"px",n.c.module.style.height=e.newh+"px",n.c.content.style.height=e.newh+"px",n.states.heightPrepared=!0,n.dims??={},n.dims.moduleRect=n.c.module.getBoundingClientRect(),n.c.content.style.left="-"+n.dims.moduleRect.left+"px",!n.settings.size.fullWidth)return s&&requestAnimationFrame((()=>{i!==n.c.module.parentNode.offsetWidth&&_tpt.updatePMHeight(e.id,e)})),void _tpt.bgStyle(e.id,e,window.innerWidth==_tpt.winW,!0);_tpt.bgStyle(e.id,e,window.innerWidth==_tpt.winW,!0),requestAnimationFrame((function(){s&&requestAnimationFrame((()=>{i!==n.c.module.parentNode.offsetWidth&&_tpt.updatePMHeight(e.id,e)}))})),n.earlyResizerFunction||(n.earlyResizerFunction=function(){requestAnimationFrame((function(){_tpt.getWinDim(),_tpt.moduleDefaults(e.id,e),_tpt.updateSlideBg(t,!0)}))},window.addEventListener("resize",n.earlyResizerFunction))},_tpt.buildShadow=function(t,e){let s=SR7.M[t];null==s.c.shadow&&(s.c.shadow=document.createElement("sr7-module-shadow"),s.c.shadow.classList.add("sr7-shdw-"+e.shdw),s.c.content.appendChild(s.c.shadow))},_tpt.bgStyle=async(t,e,s,n,i)=>{const l=SR7.M[t];if((e=e??l.settings).fixed&&!l.c.module.classList.contains("sr7-top-fixed")&&(l.c.module.classList.add("sr7-top-fixed"),l.c.module.style.position="fixed",l.c.module.style.width="100%",l.c.module.style.top="0px",l.c.module.style.left="0px",l.c.module.style.pointerEvents="none",l.c.module.style.zIndex=5e3,l.c.content.style.pointerEvents="none"),null==l.c.bgcanvas){let t=document.createElement("sr7-module-bg"),o=!1;if("string"==typeof e?.bg?.color&&e?.bg?.color.includes("{"))if(_tpt.gradient&&_tpt.gsap)e.bg.color=_tpt.gradient.convert(e.bg.color);else try{let t=JSON.parse(e.bg.color);(t?.orig||t?.string)&&(e.bg.color=JSON.parse(e.bg.color))}catch(t){return}let r="string"==typeof e?.bg?.color?e?.bg?.color||"transparent":e?.bg?.color?.string??e?.bg?.color?.orig??e?.bg?.color?.color??"transparent";if(t.style["background"+(String(r).includes("grad")?"":"Color")]=r,("transparent"!==r||i)&&(o=!0),l.offsetPrepared&&(t.style.visibility="hidden"),e?.bg?.image?.src&&(t.style.backgroundImage=`url(${e?.bg?.image.src})`,t.style.backgroundSize=""==(e.bg.image?.size??"")?"cover":e.bg.image.size,t.style.backgroundPosition=e.bg.image.position,t.style.backgroundRepeat=""==e.bg.image.repeat||null==e.bg.image.repeat?"no-repeat":e.bg.image.repeat,o=!0),!o)return;l.c.bgcanvas=t,e.size.fullWidth?t.style.width=_tpt.winW-(s&&_tpt.winH<document.body.offsetHeight?_tpt.scrollBarW:0)+"px":n&&(t.style.width=l.c.module.offsetWidth+"px"),e.sbt?.use?l.c.content.appendChild(l.c.bgcanvas):l.c.module.appendChild(l.c.bgcanvas)}l.c.bgcanvas.style.height=void 0!==e.newh?e.newh+"px":("carousel"==e.type?l.dims.module.h:l.dims.content.h)+"px",l.c.bgcanvas.style.left=!s&&e.sbt?.use||l.c.bgcanvas.closest("SR7-CONTENT")?"0px":"-"+(l?.dims?.moduleRect?.left??0)+"px"},_tpt.updateSlideBg=function(t,e){const s=SR7.M[t];let n=s.settings;s?.c?.bgcanvas&&(n.size.fullWidth?s.c.bgcanvas.style.width=_tpt.winW-(e&&_tpt.winH<document.body.offsetHeight?_tpt.scrollBarW:0)+"px":preparing&&(s.c.bgcanvas.style.width=s.c.module.offsetWidth+"px"))},_tpt.moduleDefaults=(t,e)=>{let s=SR7.M[t];null!=s&&null!=s.c&&null!=s.c.module&&(s.dims??={},s.dims.moduleRect=s.c.module.getBoundingClientRect(),s.c.content.style.left="-"+s.dims.moduleRect.left+"px",s.c.content.style.width=_tpt.winW-_tpt.scrollBarW+"px","carousel"==e.type&&(s.c.module.style.overflow="visible"),_tpt.bgStyle(t,e,window.innerWidth==_tpt.winW))},_tpt.getOffset=t=>{var e=t.getBoundingClientRect(),s=window.pageXOffset||document.documentElement.scrollLeft,n=window.pageYOffset||document.documentElement.scrollTop;return{top:e.top+n,left:e.left+s}},_tpt.fillArray=function(t,e){let s,n;t=Array.isArray(t)?t:[t];let i=Array(e),l=t.length;for(n=0;n<t.length;n++)i[n+(e-l)]=t[n],null==s&&"#"!==t[n]&&(s=t[n]);for(let t=0;t<e;t++)void 0!==i[t]&&"#"!=i[t]||(i[t]=s),s=i[t];return i},_tpt.closestGE=function(t,e){let s=Number.MAX_VALUE,n=-1;for(let i=0;i<t.length;i++)t[i]-1>=e&&t[i]-1-e<s&&(s=t[i]-1-e,n=i);return++n}}();</script>
<style id="wp-custom-css">
.product_meta .sku{
color:#CF0B37
}
.grecaptcha-badge {
visibility: hidden !important;
}
.scrollToTop {
right: 28px;
bottom: 80px;
}
/* mobile menu button style */
@media only screen and (min-width: 1024px) {
.desktop-hide {
display: none !important;
}
}
.btn-style-menu a{
background-color: rgba(207, 11, 55, 1);
color: #ffffff !important;
margin-left: 20px;
margin-right: 20px;
padding: 10px !important;
margin-top: 15px;
margin-bottom: 15px;
}
</style>
<style>
</style> <style id="wd-style-theme_settings_default-css" data-type="wd-style-theme_settings_default">
@font-face {
font-weight: normal;
font-style: normal;
font-family: "woodmart-font";
src: url("//eonhk.com/wp-content/themes/woodmart/fonts/woodmart-font-1-400.woff2?v=8.0.4") format("woff2");
}
@font-face {
font-family: "star";
font-weight: 400;
font-style: normal;
src: url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.eot?#iefix") format("embedded-opentype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.woff") format("woff"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.ttf") format("truetype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/star.svg#star") format("svg");
}
@font-face {
font-family: "WooCommerce";
font-weight: 400;
font-style: normal;
src: url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.eot?#iefix") format("embedded-opentype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.woff") format("woff"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.ttf") format("truetype"), url("//eonhk.com/wp-content/plugins/woocommerce/assets/fonts/WooCommerce.svg#WooCommerce") format("svg");
}
:root {
--wd-text-font: "Lato", Arial, Helvetica, sans-serif;
--wd-text-font-weight: 400;
--wd-text-color: #777777;
--wd-text-font-size: 14px;
--wd-title-font: "Poppins", Arial, Helvetica, sans-serif;
--wd-title-font-weight: 600;
--wd-title-color: #242424;
--wd-entities-title-font: "Poppins", Arial, Helvetica, sans-serif;
--wd-entities-title-font-weight: 500;
--wd-entities-title-color: #333333;
--wd-entities-title-color-hover: rgb(51 51 51 / 65%);
--wd-alternative-font: "Lato", Arial, Helvetica, sans-serif;
--wd-widget-title-font: "Poppins", Arial, Helvetica, sans-serif;
--wd-widget-title-font-weight: 600;
--wd-widget-title-transform: uppercase;
--wd-widget-title-color: #333;
--wd-widget-title-font-size: 16px;
--wd-header-el-font: "Lato", Arial, Helvetica, sans-serif;
--wd-header-el-font-weight: 700;
--wd-header-el-transform: uppercase;
--wd-header-el-font-size: 13px;
--wd-primary-color: rgb(207,11,55);
--wd-alternative-color: #fbbc34;
--wd-link-color: rgb(51,51,51);
--wd-link-color-hover: #242424;
--btn-default-bgcolor: #f7f7f7;
--btn-default-bgcolor-hover: #efefef;
--btn-accented-bgcolor: #83b735;
--btn-accented-bgcolor-hover: #74a32f;
--wd-form-brd-width: 2px;
--notices-success-bg: #459647;
--notices-success-color: #fff;
--notices-warning-bg: #E0B252;
--notices-warning-color: #fff;
}
.wd-popup.wd-age-verify {
--wd-popup-width: 500px;
}
.wd-popup.wd-promo-popup {
background-color: #111111;
background-image: url(https://eonhk.com/wp-content/uploads/2021/08/promo-popup.jpg);
background-repeat: no-repeat;
background-size: cover;
background-position: center center;
--wd-popup-width: 800px;
}
.woodmart-woocommerce-layered-nav .wd-scroll-content {
max-height: 223px;
}
.wd-page-title {
background-color: #0a0a0a;
background-image: url(https://eonhk.com/wp-content/uploads/2024/09/Banner-012.jpg);
background-size: cover;
background-position: center center;
}
.wd-footer {
background-color: #ffffff;
background-image: none;
}
html .product-image-summary-wrap .product_title, html .wd-single-title .product_title {
font-weight: 600;
}
.wd-popup.popup-quick-view {
--wd-popup-width: 920px;
}
:root{
--wd-container-w: 1222px;
--wd-form-brd-radius: 0px;
--btn-default-color: #333;
--btn-default-color-hover: #333;
--btn-accented-color: #fff;
--btn-accented-color-hover: #fff;
--btn-default-brd-radius: 0px;
--btn-default-box-shadow: none;
--btn-default-box-shadow-hover: none;
--btn-default-box-shadow-active: none;
--btn-default-bottom: 0px;
--btn-accented-bottom-active: -1px;
--btn-accented-brd-radius: 0px;
--btn-accented-box-shadow: inset 0 -2px 0 rgba(0, 0, 0, .15);
--btn-accented-box-shadow-hover: inset 0 -2px 0 rgba(0, 0, 0, .15);
--wd-brd-radius: 0px;
}
@media (min-width: 1239px) {
.platform-Windows .wd-section-stretch > .elementor-container {
margin-left: auto;
margin-right: auto;
}
}
@media (min-width: 1222px) {
html:not(.platform-Windows) .wd-section-stretch > .elementor-container {
margin-left: auto;
margin-right: auto;
}
}
.product-information .product-rating-price
{
color: rgb(207, 11, 55);
}
.wd-product-sku span
{
color: rgb(207, 11, 55);
} </style>
<link rel='stylesheet' id='wc-stripe-blocks-checkout-style-css' href='https://eonhk.com/wp-content/plugins/woocommerce-gateway-stripe/build/upe-blocks.css?ver=9814412f6c2f8f8de894fcfd6ce47665' media='all' />
<link rel='stylesheet' id='widget-image-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.26.0' media='all' />
<link rel='stylesheet' id='widget-image-gallery-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/widget-image-gallery.min.css?ver=3.26.0' media='all' />
<link rel='stylesheet' id='swiper-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5' media='all' />
<link rel='stylesheet' id='e-swiper-css' href='https://eonhk.com/wp-content/plugins/elementor/assets/css/conditionals/e-swiper.min.css?ver=3.26.0' media='all' />
</head>
<body class="home wp-singular page-template-default page page-id-18 wp-theme-woodmart theme-woodmart woocommerce-no-js wrapper-full-width categories-accordion-on woodmart-ajax-shop-on elementor-default elementor-kit-6 elementor-page elementor-page-18">
<script type="text/javascript" id="wd-flicker-fix">// Flicker fix.</script>
<div class="wd-page-wrapper website-wrapper">
<header class="whb-header whb-header_153799 whb-sticky-shadow whb-scroll-stick whb-sticky-real whb-hide-on-scroll">
<div class="whb-main-header">
<div class="whb-row whb-top-bar whb-not-sticky-row whb-with-bg whb-without-border whb-color-light whb-flex-flex-middle">
<div class="container">
<div class="whb-flex-row whb-top-bar-inner">
<div class="whb-column whb-col-left whb-visible-lg">
<div id="" class=" wd-social-icons wd-style-default social-follow wd-shape-circle whb-43k0qayz7gg36f2jmmhk color-scheme-light text-center">
<a rel="noopener noreferrer nofollow" href="https://www.facebook.com/eoneventservicesltd" target="_blank" class=" wd-social-icon social-facebook" aria-label="Facebook social link">
<span class="wd-icon"></span>
</a>
<a rel="noopener noreferrer nofollow" href="https://www.instagram.com/eoneventservicesltd/" target="_blank" class=" wd-social-icon social-instagram" aria-label="Instagram social link">
<span class="wd-icon"></span>
</a>
</div>
</div>
<div class="whb-column whb-col-center whb-visible-lg whb-empty-column">
</div>
<div class="whb-column whb-col-right whb-visible-lg">
<div class="wd-header-divider wd-full-height whb-aik22afewdiur23h71ba"></div>
<div class="wd-header-text reset-last-child ">Tel:<a href="tel:+85235682593"> +852 3568 2593</a></div>
<div class="wd-header-divider wd-full-height whb-hvo7pk2f543doxhr21h5"></div>
<div class="wd-header-text reset-last-child ">Email:<a href="mailto:[email protected]">[email protected]</a></div>
<div class="wd-header-divider wd-full-height whb-az2cvcuy0tgs2i5q3z1x"></div>
</div>
<div class="whb-column whb-col-mobile whb-hidden-lg">
<div id="" class=" wd-social-icons wd-style-default social-follow wd-shape-circle whb-vmlw3iqy1i9gf64uk7of color-scheme-light text-center">
<a rel="noopener noreferrer nofollow" href="https://www.facebook.com/eoneventservicesltd" target="_blank" class=" wd-social-icon social-facebook" aria-label="Facebook social link">
<span class="wd-icon"></span>
</a>
<a rel="noopener noreferrer nofollow" href="https://www.instagram.com/eoneventservicesltd/" target="_blank" class=" wd-social-icon social-instagram" aria-label="Instagram social link">
<span class="wd-icon"></span>
</a>
</div>
</div>
</div>
</div>
</div>
<div class="whb-row whb-general-header whb-sticky-row whb-without-bg whb-border-fullwidth whb-color-dark whb-flex-flex-middle">
<div class="container">
<div class="whb-flex-row whb-general-header-inner">
<div class="whb-column whb-col-left whb-visible-lg">
<div class="site-logo wd-switch-logo">
<a href="https://eonhk.com/" class="wd-logo wd-main-logo" rel="home" aria-label="Site logo">
<img width="300" height="170" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png" class="attachment-full size-full" alt="" style="max-width:160px;" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w" sizes="(max-width: 300px) 100vw, 300px" /> </a>
<a href="https://eonhk.com/" class="wd-logo wd-sticky-logo" rel="home">
<img width="300" height="170" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png" class="attachment-full size-full" alt="" style="max-width:100px;" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w" sizes="(max-width: 300px) 100vw, 300px" /> </a>
</div>
</div>
<div class="whb-column whb-col-center whb-visible-lg">
<div class="wd-search-form wd-header-search-form wd-display-form whb-9x1ytaxq7aphtb3npidp">
<form role="search" method="get" class="searchform wd-with-cat wd-style-default wd-cat-style-bordered woodmart-ajax-search" action="https://eonhk.com/" data-thumbnail="1" data-price="1" data-post_type="product" data-count="20" data-sku="0" data-symbols_count="3">
<input type="text" class="s" placeholder="Search for products" value="" name="s" aria-label="Search" title="Search for products" required/>
<input type="hidden" name="post_type" value="product">
<div class="wd-search-cat wd-scroll">
<input type="hidden" name="product_cat" value="0">
<a href="#" rel="nofollow" data-val="0">
<span>
Select category </span>
</a>
<div class="wd-dropdown wd-dropdown-search-cat wd-dropdown-menu wd-scroll-content wd-design-default">
<ul class="wd-sub-menu">
<li style="display:none;"><a href="#" data-val="0">Select category</a></li>
<li class="cat-item cat-item-211"><a class="pf-value" href="https://eonhk.com/product-category/3d-printing/" data-val="3d-printing" data-title="3D Printing" >3D Printing</a>
</li>
<li class="cat-item cat-item-20"><a class="pf-value" href="https://eonhk.com/product-category/av-items/" data-val="av-items" data-title="AV items" >AV items</a>
<ul class='children'>
<li class="cat-item cat-item-80"><a class="pf-value" href="https://eonhk.com/product-category/av-items/computer/" data-val="computer" data-title="Computer" >Computer</a>
</li>
<li class="cat-item cat-item-76"><a class="pf-value" href="https://eonhk.com/product-category/av-items/display-panel/" data-val="display-panel" data-title="Display Panel" >Display Panel</a>
</li>
<li class="cat-item cat-item-79"><a class="pf-value" href="https://eonhk.com/product-category/av-items/ipad/" data-val="ipad" data-title="iPad" >iPad</a>
</li>
<li class="cat-item cat-item-135"><a class="pf-value" href="https://eonhk.com/product-category/av-items/pa-system/" data-val="pa-system" data-title="PA System" >PA System</a>
</li>
<li class="cat-item cat-item-78"><a class="pf-value" href="https://eonhk.com/product-category/av-items/projector/" data-val="projector" data-title="Projector" >Projector</a>
</li>
<li class="cat-item cat-item-77"><a class="pf-value" href="https://eonhk.com/product-category/av-items/tv/" data-val="tv" data-title="TV" >TV</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-28"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/" data-val="backstage-equipment" data-title="Backstage Equipment" >Backstage Equipment</a>
<ul class='children'>
<li class="cat-item cat-item-180"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/fitting-room/" data-val="fitting-room" data-title="Fitting Room" >Fitting Room</a>
</li>
<li class="cat-item cat-item-179"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/hanging-rack/" data-val="hanging-rack" data-title="Hanging Rack" >Hanging Rack</a>
</li>
<li class="cat-item cat-item-178"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/mannequin/" data-val="mannequin" data-title="Mannequin" >Mannequin</a>
</li>
<li class="cat-item cat-item-177"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/mirror/" data-val="mirror" data-title="Mirror" >Mirror</a>
</li>
<li class="cat-item cat-item-182"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/partition/" data-val="partition" data-title="Partition" >Partition</a>
</li>
<li class="cat-item cat-item-181"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/pipe-drape/" data-val="pipe-drape" data-title="Pipe & Drape" >Pipe & Drape</a>
</li>
<li class="cat-item cat-item-183"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/plant/" data-val="plant" data-title="Plant" >Plant</a>
</li>
<li class="cat-item cat-item-184"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/stage-materials/" data-val="stage-materials" data-title="Stage Materials" >Stage Materials</a>
<ul class='children'>
<li class="cat-item cat-item-86"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/stage-materials/podium/" data-val="podium" data-title="Podium" >Podium</a>
</li>
<li class="cat-item cat-item-159"><a class="pf-value" href="https://eonhk.com/product-category/backstage-equipment/stage-materials/stage/" data-val="stage" data-title="Stage" >Stage</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="cat-item cat-item-29"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" data-val="barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c" data-title="Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌" >Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌</a>
<ul class='children'>
<li class="cat-item cat-item-137"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/barricade/" data-val="barricade" data-title="Barricade" >Barricade</a>
</li>
<li class="cat-item cat-item-139"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/barrier/" data-val="barrier" data-title="Barrier" >Barrier</a>
</li>
<li class="cat-item cat-item-138"><a class="pf-value" href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/signage/" data-val="signage" data-title="Signage" >Signage</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-225"><a class="pf-value" href="https://eonhk.com/product-category/bookable/" data-val="bookable" data-title="Bookable" >Bookable</a>
</li>
<li class="cat-item cat-item-226"><a class="pf-value" href="https://eonhk.com/product-category/booth-design/" data-val="booth-design" data-title="Booth Design & Production" >Booth Design & Production</a>
</li>
<li class="cat-item cat-item-195"><a class="pf-value" href="https://eonhk.com/product-category/brochure-rack/" data-val="brochure-rack" data-title="Brochure Rack & Display Rack" >Brochure Rack & Display Rack</a>
</li>
<li class="cat-item cat-item-53"><a class="pf-value" href="https://eonhk.com/product-category/coolers/" data-val="coolers" data-title="Cooler & Heater" >Cooler & Heater</a>
<ul class='children'>
<li class="cat-item cat-item-92"><a class="pf-value" href="https://eonhk.com/product-category/coolers/cooler/" data-val="cooler" data-title="Cooler" >Cooler</a>
</li>
<li class="cat-item cat-item-93"><a class="pf-value" href="https://eonhk.com/product-category/coolers/fan/" data-val="fan" data-title="Fan" >Fan</a>
</li>
<li class="cat-item cat-item-94"><a class="pf-value" href="https://eonhk.com/product-category/coolers/gas-heater/" data-val="gas-heater" data-title="Gas Heater" >Gas Heater</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-42"><a class="pf-value" href="https://eonhk.com/product-category/display-fridge-freezer/" data-val="display-fridge-freezer" data-title="Display Fridge & Freezer" >Display Fridge & Freezer</a>
<ul class='children'>
<li class="cat-item cat-item-190"><a class="pf-value" href="https://eonhk.com/product-category/display-fridge-freezer/display-fridge/" data-val="display-fridge" data-title="Display Fridge" >Display Fridge</a>
</li>
<li class="cat-item cat-item-191"><a class="pf-value" href="https://eonhk.com/product-category/display-fridge-freezer/freezer/" data-val="freezer" data-title="Freezer" >Freezer</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-71"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/" data-val="electric-equipment" data-title="Electric Equipment" >Electric Equipment</a>
<ul class='children'>
<li class="cat-item cat-item-185"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/coffee-machin/" data-val="coffee-machin" data-title="Coffee Machin" >Coffee Machin</a>
</li>
<li class="cat-item cat-item-186"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/oven/" data-val="oven" data-title="Oven" >Oven</a>
</li>
<li class="cat-item cat-item-188"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/printer/" data-val="printer" data-title="Printer" >Printer</a>
</li>
<li class="cat-item cat-item-189"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/shredder/" data-val="shredder" data-title="Shredder" >Shredder</a>
</li>
<li class="cat-item cat-item-187"><a class="pf-value" href="https://eonhk.com/product-category/electric-equipment/water-dispenser/" data-val="water-dispenser" data-title="Water Dispenser" >Water Dispenser</a>
</li>
</ul>
</li>
<li class="cat-item cat-item-72"><a class="pf-value" href="https://eonhk.com/product-category/furniture/" data-val="furniture" data-title="Furniture 傢俬" >Furniture 傢俬</a>
<ul class='children'>
<li class="cat-item cat-item-166"><a class="pf-value" href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" data-val="chair-%e6%a4%85%e5%ad%90" data-title="Chair 椅子" >Chair 椅子</a>
</li>
<li class="cat-item cat-item-212"><a class="pf-value" href="https://eonhk.com/product-category/furniture/kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac/" data-val="kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac" data-title="Kids 兒童傢俬" >Kids 兒童傢俬</a>
</li>
<li class="cat-item cat-item-209"><a class="pf-value" href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" data-val="outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac" data-title="Outdoor 戶外傢俬" >Outdoor 戶外傢俬</a>
</li>
<li class="cat-item cat-item-167"><a class="pf-value" href="https://eonhk.com/product-category/furniture/sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc/" data-val="sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc" data-title="Sofa 梳化沙發" >Sofa 梳化沙發</a>
</li>
<li class="cat-item cat-item-168"><a class="pf-value" href="https://eonhk.com/product-category/furniture/stool-%e5%90%a7%e6%a4%85/" data-val="stool-%e5%90%a7%e6%a4%85" data-title="Stool 吧椅" >Stool 吧椅</a>
</li>
<li class="cat-item cat-item-169"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/" data-val="table-%e6%a1%8c%e5%ad%90" data-title="Table 桌子" >Table 桌子</a>
<ul class='children'>
<li class="cat-item cat-item-170"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c/" data-val="coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c" data-title="Coffee Table 咖啡台桌" >Coffee Table 咖啡台桌</a>
</li>
<li class="cat-item cat-item-173"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c/" data-val="dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c" data-title="Dinning Table/Meeting Table 餐台桌/會議台桌" >Dinning Table/Meeting Table 餐台桌/會議台桌</a>
</li>
<li class="cat-item cat-item-175"><a class="pf-value" href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c/" data-val="high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c" data-title="High Table 吧台桌" >High Table 吧台桌</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="cat-item cat-item-162"><a class="pf-value" href="https://eonhk.com/product-category/game-booth/" data-val="game-booth" data-title="Game Booth" >Game Booth</a>
</li>
<li class="cat-item cat-item-176"><a class="pf-value" href="https://eonhk.com/product-category/illuminated-led-funiture1/" data-val="illuminated-led-funiture1" data-title="Illuminated / LED Funiture" >Illuminated / LED Funiture</a>
</li>
<li class="cat-item cat-item-198"><a class="pf-value" href="https://eonhk.com/product-category/marquee/" data-val="marquee" data-title="Marquee & Umbrella" >Marquee & Umbrella</a>
</li>
<li class="cat-item cat-item-161"><a class="pf-value" href="https://eonhk.com/product-category/outdoor-items/" data-val="outdoor-items" data-title="Outdoor Items" >Outdoor Items</a>
</li>
<li class="cat-item cat-item-75"><a class="pf-value" href="https://eonhk.com/product-category/whiteboard-flipchart-locker-bin/" data-val="whiteboard-flipchart-locker-bin" data-title="Whiteboard, flipchart , Locker & Bin" >Whiteboard, flipchart , Locker & Bin</a>
</li>
</ul>
</div>
</div>
<button type="submit" class="searchsubmit">
<span>
Search </span>
</button>
</form>
<div class="search-results-wrapper">
<div class="wd-dropdown-results wd-scroll wd-dropdown">
<div class="wd-scroll-content"></div>
</div>
</div>
</div>
</div>
<div class="whb-column whb-col-right whb-visible-lg">
<div class="whb-space-element " style="width:15px;"></div> <link rel="stylesheet" id="wd-header-my-account-dropdown-css" href="https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-my-account-dropdown.min.css?ver=8.0.4" type="text/css" media="all" /> <link rel="stylesheet" id="wd-woo-mod-login-form-css" href="https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-login-form.min.css?ver=8.0.4" type="text/css" media="all" /> <div class="wd-header-my-account wd-tools-element wd-event-hover wd-design-1 wd-account-style-icon whb-cbbp7oczk2t6id6bfv12">
<a href="https://eonhk.com/my-account/" title="My account">
<span class="wd-tools-icon">
</span>
<span class="wd-tools-text">
Login / Register </span>
</a>
<div class="wd-dropdown wd-dropdown-register">
<div class="login-dropdown-inner woocommerce">
<span class="wd-heading"><span class="title">Sign in</span><a class="create-account-link" href="https://eonhk.com/my-account/?action=register">Create an Account</a></span>
<form method="post" class="login woocommerce-form woocommerce-form-login
" action="https://eonhk.com/my-account/" >
<p class="woocommerce-FormRow woocommerce-FormRow--wide form-row form-row-wide form-row-username">
<label for="username">Username or email address <span class="required" aria-hidden="true">*</span><span class="screen-reader-text">Required</span></label>
<input type="text" class="woocommerce-Input woocommerce-Input--text input-text" name="username" id="username" value="" /> </p>
<p class="woocommerce-FormRow woocommerce-FormRow--wide form-row form-row-wide form-row-password">
<label for="password">Password <span class="required" aria-hidden="true">*</span><span class="screen-reader-text">Required</span></label>
<input class="woocommerce-Input woocommerce-Input--text input-text" type="password" name="password" id="password" autocomplete="current-password" />
</p>
<div class="g-recaptcha" data-sitekey="6LciDGUrAAAAAC9QtYvFqb8N9bdk3rzd5J7pGDCp"></div>
<br/>
<p class="form-row">
<input type="hidden" id="woocommerce-login-nonce" name="woocommerce-login-nonce" value="1d2b88879a" /><input type="hidden" name="_wp_http_referer" value="/" /> <button type="submit" class="button woocommerce-button woocommerce-form-login__submit" name="login" value="Log in">Log in</button>
</p>
<p class="login-form-footer">
<a href="https://eonhk.com/my-account/lost-password/" class="woocommerce-LostPassword lost_password">Lost your password?</a>
<label class="woocommerce-form__label woocommerce-form__label-for-checkbox woocommerce-form-login__rememberme">
<input class="woocommerce-form__input woocommerce-form__input-checkbox" name="rememberme" type="checkbox" value="forever" title="Remember me" aria-label="Remember me" /> <span>Remember me</span>
</label>
</p>
</form>
</div>
</div>
</div>
<div class="wd-header-wishlist wd-tools-element wd-style-icon wd-with-count wd-design-2 whb-a22wdkiy3r40yw2paskq" title="My Wishlist">
<a href="https://eonhk.com/wishlist/" title="Wishlist products">
<span class="wd-tools-icon">
<span class="wd-tools-count">
0 </span>
</span>
<span class="wd-tools-text">
Wishlist </span>
</a>
</div>
<div class="wd-header-compare wd-tools-element wd-style-icon wd-with-count wd-design-2 whb-p2jvs451wo69tpw9jy4t">
<a href="https://eonhk.com/compare/" title="Compare products">
<span class="wd-tools-icon">
<span class="wd-tools-count">0</span>
</span>
<span class="wd-tools-text">
Compare </span>
</a>
</div>
<div class="wd-header-cart wd-tools-element wd-design-6 cart-widget-opener wd-style-icon whb-1nxrsjy8zgrjx06ymr5e">
<a href="https://eonhk.com/cart/" title="Shopping cart">
<span class="wd-tools-icon">
<span class="wd-cart-number wd-tools-count">0 <span>items</span></span>
</span>
<span class="wd-tools-text">
<span class="wd-cart-subtotal"><span class="woocommerce-Price-amount amount"><bdi><span class="woocommerce-Price-currencySymbol">$</span>0.00</bdi></span></span>
</span>
</a>
</div>
</div>
<div class="whb-column whb-mobile-left whb-hidden-lg">
<div class="wd-tools-element wd-header-mobile-nav wd-style-icon wd-design-1 whb-g1k0m1tib7raxrwkm1t3">
<a href="#" rel="nofollow" aria-label="Open mobile menu">
<span class="wd-tools-icon">
</span>
<span class="wd-tools-text">Menu</span>
</a>
</div></div>
<div class="whb-column whb-mobile-center whb-hidden-lg">
<div class="site-logo">
<a href="https://eonhk.com/" class="wd-logo wd-main-logo" rel="home" aria-label="Site logo">
<img width="300" height="170" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png" class="attachment-full size-full" alt="" style="max-width:81px;" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w" sizes="(max-width: 300px) 100vw, 300px" /> </a>
</div>
</div>
<div class="whb-column whb-mobile-right whb-hidden-lg whb-empty-column">
</div>
</div>
</div>
</div>
<div class="whb-row whb-header-bottom whb-sticky-row whb-without-bg whb-border-fullwidth whb-color-dark whb-hidden-mobile whb-flex-flex-middle">
<div class="container">
<div class="whb-flex-row whb-header-bottom-inner">
<div class="whb-column whb-col-left whb-visible-lg">
<div class="wd-header-cats wd-style-1 whb-wjlcubfdmlq3d7jvmt23" role="navigation" aria-label="Header categories navigation">
<span class="menu-opener color-scheme-light">
<span class="menu-opener-icon"></span>
<span class="menu-open-label">
Browse Categories </span>
</span>
<div class="wd-dropdown wd-dropdown-cats wd-opened">
<ul id="menu-product-category" class="menu wd-nav wd-nav-vertical wd-design-default"><li id="menu-item-14074" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14074 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/3d-printing/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">3D Printing</span></a></li>
<li id="menu-item-14091" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14091 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/booth-design/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu.jpg 1080w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">Booth Design & Production</span></a></li>
<li id="menu-item-10452" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10452 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/game-booth/" class="woodmart-nav-link"><span class="nav-link-text">Game Booth</span></a></li>
<li id="menu-item-10449" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10449 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/" class="woodmart-nav-link"><span class="nav-link-text">Furniture 傢俬</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10450" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10450 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link">Chair 椅子</a></li>
<li id="menu-item-11023" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11023 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Outdoor 戶外傢俬</a></li>
<li id="menu-item-10451" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10451 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc/" class="woodmart-nav-link">Sofa 梳化沙發</a></li>
<li id="menu-item-10475" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10475 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/stool-%e5%90%a7%e6%a4%85/" class="woodmart-nav-link">Stool 吧椅</a></li>
<li id="menu-item-10476" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10476 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/" class="woodmart-nav-link">Table 桌子</a>
<ul class="sub-sub-menu wd-dropdown">
<li id="menu-item-10465" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10465 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Coffee Table 咖啡台桌</a></li>
<li id="menu-item-10466" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10466 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Dinning Table/Meeting Table 餐台桌/會議台桌</a></li>
<li id="menu-item-10467" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10467 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">High Table 吧台桌</a></li>
</ul>
</li>
<li id="menu-item-11188" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11188 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Kids 兒童傢俬</a></li>
<li id="menu-item-11403" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11403 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/furniture-set-%e5%82%a2%e4%bf%ac%e7%b5%84%e5%90%88/" class="woodmart-nav-link">Furniture Set 傢俬組合</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10453" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10453 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/illuminated-led-funiture1/" class="woodmart-nav-link"><span class="nav-link-text">Illuminated / LED Funiture</span></a></li>
<li id="menu-item-10422" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10422 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/" class="woodmart-nav-link"><span class="nav-link-text">AV items</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10426" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10426 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/pa-system/" class="woodmart-nav-link">PA System</a></li>
<li id="menu-item-10424" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10424 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/display-panel/" class="woodmart-nav-link">Display Panel</a></li>
<li id="menu-item-10477" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10477 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/tv/" class="woodmart-nav-link">TV</a></li>
<li id="menu-item-10427" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10427 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/projector/" class="woodmart-nav-link">Projector</a></li>
<li id="menu-item-10425" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10425 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/ipad/" class="woodmart-nav-link">iPad</a></li>
<li id="menu-item-10423" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10423 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/av-items/computer/" class="woodmart-nav-link">Computer</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10428" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10428 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Backstage Equipment</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10429" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10429 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/fitting-room/" class="woodmart-nav-link">Fitting Room</a></li>
<li id="menu-item-10430" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10430 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/hanging-rack/" class="woodmart-nav-link">Hanging Rack</a></li>
<li id="menu-item-10431" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10431 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/mannequin/" class="woodmart-nav-link">Mannequin</a></li>
<li id="menu-item-10432" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10432 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/mirror/" class="woodmart-nav-link">Mirror</a></li>
<li id="menu-item-10433" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10433 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/partition/" class="woodmart-nav-link">Partition</a></li>
<li id="menu-item-10434" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10434 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/pipe-drape/" class="woodmart-nav-link">Pipe & Drape</a></li>
<li id="menu-item-10435" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10435 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/plant/" class="woodmart-nav-link">Plant</a></li>
<li id="menu-item-10474" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10474 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/" class="woodmart-nav-link">Stage Materials</a>
<ul class="sub-sub-menu wd-dropdown">
<li id="menu-item-10471" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10471 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/stage/" class="woodmart-nav-link">Stage</a></li>
<li id="menu-item-10470" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10470 item-level-2 wd-event-hover" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/podium/" class="woodmart-nav-link">Podium</a></li>
</ul>
</li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10454" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10454 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="woodmart-nav-link"><span class="nav-link-text">Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌</span></a></li>
<li id="menu-item-10437" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10437 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/display-fridge-freezer/" class="woodmart-nav-link"><span class="nav-link-text">Display Fridge & Freezer</span></a></li>
<li id="menu-item-10440" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10440 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/" class="woodmart-nav-link"><span class="nav-link-text">Cooler & Heater</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10441" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10441 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/cooler/" class="woodmart-nav-link">Cooler</a></li>
<li id="menu-item-10442" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10442 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/fan/" class="woodmart-nav-link">Fan</a></li>
<li id="menu-item-10443" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10443 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/coolers/gas-heater/" class="woodmart-nav-link">Gas Heater</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10444" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10444 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Electric Equipment</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-10445" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10445 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/coffee-machin/" class="woodmart-nav-link">Coffee Machin</a></li>
<li id="menu-item-10446" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10446 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/oven/" class="woodmart-nav-link">Oven</a></li>
<li id="menu-item-10447" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10447 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/printer/" class="woodmart-nav-link">Printer</a></li>
<li id="menu-item-10448" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10448 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/shredder/" class="woodmart-nav-link">Shredder</a></li>
<li id="menu-item-10478" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10478 item-level-1 wd-event-hover" ><a href="https://eonhk.com/product-category/electric-equipment/water-dispenser/" class="woodmart-nav-link">Water Dispenser</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-10472" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10472 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/whiteboard-flipchart-locker-bin/" class="woodmart-nav-link"><span class="nav-link-text">Whiteboard, flipchart , Locker & Bin</span></a></li>
<li id="menu-item-10460" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10460 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/brochure-rack/" class="woodmart-nav-link"><span class="nav-link-text">Brochure Rack & Display Rack</span></a></li>
<li id="menu-item-10463" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10463 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/marquee/" class="woodmart-nav-link"><span class="nav-link-text">Marquee & Umbrella</span></a></li>
<li id="menu-item-13339" class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-13339 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/bookable/" class="woodmart-nav-link"><span class="nav-link-text">Bookable</span></a></li>
</ul> </div>
</div>
</div>
<div class="whb-column whb-col-center whb-visible-lg">
<div class="wd-header-nav wd-header-main-nav text-left wd-design-1" role="navigation" aria-label="Main navigation">
<ul id="menu-mobile-navigation" class="menu wd-nav wd-nav-main wd-style-default wd-gap-s"><li id="menu-item-8450" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-home current-menu-item page_item page-item-18 current_page_item menu-item-8450 item-level-0 menu-mega-dropdown wd-event-hover" ><a href="https://eonhk.com/" class="woodmart-nav-link"><span class="nav-link-text">Home</span></a></li>
<li id="menu-item-8429" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8429 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/about-us/" class="woodmart-nav-link"><span class="nav-link-text">About Us</span></a></li>
<li id="menu-item-11208" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-11208 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link"><span class="nav-link-text">Products</span></a></li>
<li id="menu-item-8705" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8705 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/services/" class="woodmart-nav-link"><span class="nav-link-text">Services</span></a></li>
<li id="menu-item-11362" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-11362 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="#" class="woodmart-nav-link"><span class="nav-link-text">Solutions</span></a><div class="color-scheme-dark wd-design-default wd-dropdown-menu wd-dropdown"><div class="container wd-entry-content">
<ul class="wd-sub-menu color-scheme-dark">
<li id="menu-item-11363" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11363 item-level-1 wd-event-hover" ><a href="https://eonhk.com/3d-printing/" class="woodmart-nav-link">3D Printing</a></li>
</ul>
</div>
</div>
</li>
<li id="menu-item-8402" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8402 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/projects/" class="woodmart-nav-link"><span class="nav-link-text">Projects</span></a></li>
<li id="menu-item-8428" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8428 item-level-0 menu-simple-dropdown wd-event-hover" ><a href="https://eonhk.com/contact-us/" class="woodmart-nav-link"><span class="nav-link-text">Contact Us</span></a></li>
</ul></div>
</div>
<div class="whb-column whb-col-right whb-visible-lg">
<div id="wd-6a4525e428891" class=" whb-zioafvqx8q83zdslj3ok wd-button-wrapper text-center"><a href="https://eonhk.com/wp-content/uploads/2024/12/EON_Catalogue_20241206.pdf" title="" target="_blank" style="--btn-color:#fff;--btn-color-hover:#fff;" class="btn btn-style-default btn-shape-semi-round btn-size-default">Download Catalog</a></div></div>
<div class="whb-column whb-col-mobile whb-hidden-lg whb-empty-column">
</div>
</div>
</div>
</div>
</div>
</header>
<div class="wd-page-content main-page-wrapper">
<main class="wd-content-layout content-layout-wrapper container" role="main">
<div class="wd-content-area site-content">
<article id="post-18" class="entry-content post-18 page type-page status-publish hentry">
<div data-elementor-type="wp-page" data-elementor-id="18" class="elementor elementor-18">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-32ec6ea5 wd-section-stretch-content elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="32ec6ea5" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-46b9639" data-id="46b9639" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-6962747f elementor-widget elementor-widget-slider_revolution" data-id="6962747f" data-element_type="widget" data-widget_type="slider_revolution.default">
<div class="elementor-widget-container">
<div class="wp-block-themepunch-revslider">
<p class="rs-p-wp-fix"></p>
<sr7-module data-alias="main-slider" data-id="1" id="woodmart-main-slider" class="rs-ov-hidden" data-version="6.7.20">
<sr7-adjuster></sr7-adjuster>
<sr7-content>
<sr7-slide id="woodmart-main-slider-1" data-key="1">
</sr7-slide>
<sr7-slide id="woodmart-main-slider-9" data-key="9">
</sr7-slide>
<sr7-slide id="woodmart-main-slider-3" data-key="3">
</sr7-slide>
<sr7-slide id="woodmart-main-slider-4" data-key="4">
</sr7-slide>
</sr7-content>
<image_lists style="display:none">
<img data-src="//eonhk.com/wp-content/uploads/2026/06/Website-Bannar.jpg" data-libid="14064" data-lib="medialibrary" title="Website Bannar" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjYvMDYvV2Vic2l0ZS1CYW5uYXIuanBn"/>
<img data-src="//eonhk.com/wp-content/uploads/2025/10/wwwwwww-1-02.jpg" data-libid="13607" data-lib="medialibrary" title="wwwwwww-1-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvd3d3d3d3dy0xLTAyLmpwZw=="/>
<img data-src="//eonhk.com/wp-content/uploads/2025/10/rwrwrw-02.jpg" data-libid="13606" data-lib="medialibrary" title="rwrwrw-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvcndyd3J3LTAyLmpwZw=="/>
<img loading="lazy" data-src="//eonhk.com/wp-content/uploads/2025/10/eeeee-02.jpg" data-libid="13605" data-lib="medialibrary" title="eeeee-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvZWVlZWUtMDIuanBn"/>
<img loading="lazy" data-src="//eonhk.com/wp-content/uploads/2025/10/fffff-1-02.jpg" data-libid="13604" data-lib="medialibrary" title="fffff-1-02" width="0" height="0" data-dbsrc="Ly9lb25oay5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjUvMTAvZmZmZmYtMS0wMi5qcGc="/>
</image_lists>
</sr7-module>
<script>
SR7.PMH ??={}; SR7.PMH["woodmart-main-slider"] = {cn:0,state:false,fn: function() { if (_tpt!==undefined && _tpt.prepareModuleHeight !== undefined) { _tpt.prepareModuleHeight({id:"woodmart-main-slider",el:[495,495,476,500,700],type:'standard',shdw:'0',gh:[495,495,476,500,700],gw:[1240,1240,1024,778,480],vpt:['20%','20%','20%','20%','20%'],size:{fullWidth:true, fullHeight:false},mh:'0',onh:0,onw:0,bg:{color:'{"type":"solid","orig":"#f8f8f8","string":"rgba(248, 248, 248, 1)"}'},plType:'0',plColor:'#FFFFFF'}); SR7.PMH["woodmart-main-slider"].state=true;} else if((SR7.PMH["woodmart-main-slider"].cn++)<100) setTimeout( SR7.PMH["woodmart-main-slider"].fn,19);}};SR7.PMH["woodmart-main-slider" ].fn();
</script>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-7048119e elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7048119e" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-130f8b91" data-id="130f8b91" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-549bfbfd wd-width-100 elementor-widget elementor-widget-wd_title" data-id="549bfbfd" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-medium text-center">
<div class="title-subtitle subtitle-color-default subtitle-style-default wd-fontsize-xs">
EON COLLECTIONS </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-xl">FEATURED CATEGORIES</h4>
</div>
<div class="title-after_title reset-last-child wd-fontsize-s">
Best Furniture and AV Equipment Rental Service. </div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-622e4d87 wd-width-100 wd-nav-accordion-mb-on elementor-widget elementor-widget-wd_product_categories" data-id="622e4d87" data-element_type="widget" data-widget_type="wd_product_categories.default">
<div class="elementor-widget-container">
<div class="wd-cats-element">
<div class="wd-masonry wd-grid-f-col wd-masonry-first wd-cats products woocommerce columns-4 elements-grid" style="--wd-col-lg:4;--wd-col-md:4;--wd-col-sm:2;--wd-gap-lg:20px;--wd-gap-sm:10px;">
<div class="wd-col wd-wider category-grid-item wd-cat cat-design-center wd-with-subcat product-category product first" data-loop="1">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="1200" height="1200" src="https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg" class="attachment-full size-full" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/outdoor-chair-700x700.jpg 700w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Outdoor 戶外傢俬 <mark class="count">(50)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/">
50 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="category-link wd-fill" aria-label="Product category outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product" data-loop="2">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/furniture/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/09/SF66r-800x800.png" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF66r-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF66r.png 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Furniture 傢俬 <mark class="count">(548)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/furniture/">
548 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/furniture/" class="category-link wd-fill" aria-label="Product category furniture"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product" data-loop="3">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/coolers/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/09/MS94e-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS94e-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS94e.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Cooler & Heater <mark class="count">(9)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/coolers/">
9 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/coolers/" class="category-link wd-fill" aria-label="Product category coolers"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product last" data-loop="4">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/10/Line-up-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/10/Line-up-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-860x860.jpg 860w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/10/Line-up-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/10/Line-up.jpg 1180w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌 <mark class="count">(23)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/">
23 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="category-link wd-fill" aria-label="Product category barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c"></a>
</div>
</div>
<div class="wd-col category-grid-item wd-cat cat-design-center wd-with-subcat product-category product first" data-loop="5">
<div class="wrapp-category">
<div class="category-image-wrapp">
<a href="https://eonhk.com/product-category/backstage-equipment/" class="category-image" aria-label="Category image">
<img loading="lazy" decoding="async" width="781" height="800" src="https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-781x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-781x800.jpg 781w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-293x300.jpg 293w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-768x787.jpg 768w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-700x717.jpg 700w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category-150x154.jpg 150w, https://eonhk.com/wp-content/uploads/2024/10/Stage-Category.jpg 1037w" sizes="(max-width: 781px) 100vw, 781px" /> </a>
</div>
<div class="hover-mask">
<h3 class="wd-entities-title">
Backstage Equipment <mark class="count">(28)</mark> </h3>
<div class="more-products">
<a href="https://eonhk.com/product-category/backstage-equipment/">
28 products </a>
</div>
</div>
<a href="https://eonhk.com/product-category/backstage-equipment/" class="category-link wd-fill" aria-label="Product category backstage-equipment"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4304911 wd-section-stretch elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4304911" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-17985c08" data-id="17985c08" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-5ce21e0f wd-width-100 elementor-widget elementor-widget-wd_title" data-id="5ce21e0f" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-medium text-center">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-xl">Hot Items</h4>
</div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-f9c2972 elementor-widget elementor-widget-wd_products_tabs" data-id="f9c2972" data-element_type="widget" data-widget_type="wd_products_tabs.default">
<div class="elementor-widget-container">
<div class="wd-tabs wd-products-tabs tabs-design-default">
<div class="wd-tabs-header text-center">
<div class="wd-nav-wrapper wd-nav-tabs-wrapper tabs-navigation-wrapper">
<ul class="wd-nav wd-nav-tabs products-tabs-title wd-style-underline wd-icon-pos-top">
<li data-atts="{"layout":"grid","pagination":"","pagination_arrows_position":null,"items_per_page":"8","spacing":"20","spacing_tablet":false,"spacing_mobile":false,"columns":{"unit":"px","size":4,"sizes":[]},"products_masonry":"","products_different_sizes":"","product_quantity":"","product_hover":"inherit","sale_countdown":"0","stretch_product_tablet":0,"stretch_product_mobile":0,"stock_progress_bar":"0","highlighted_products":0,"products_divider":null,"products_bordered_grid":"0","products_bordered_grid_style":null,"products_with_background":"0","products_shadow":"0","products_color_scheme":"default","img_size":"large","elementor":true,"sync_parent_id":null,"slides_per_view":null,"scroll_per_page":null,"center_mode":null,"wrap":null,"autoheight":null,"autoplay":null,"speed":null,"scroll_carousel_init":null,"disable_overflow_carousel":null,"hide_prev_next_buttons":null,"carousel_arrows_position":null,"hide_pagination_control":null,"dynamic_pagination_control":null,"hide_scrollbar":null,"carousel_sync":null,"sync_child_id":null,"img_size_custom":null,"stretch_product":null,"grid_gallery":"","grid_gallery_control":null,"grid_gallery_enable_arrows":null,"lazy_loading":"no","post_type":"featured","ajax_recently_viewed":null,"include":null,"taxonomies":"","orderby":"","offset":"","query_type":"OR","order":"","hide_out_of_stock":"no","meta_key":null,"exclude":""}" class=" wd-active">
<a href="#" class="wd-nav-link">
<span class="tab-label nav-link-text">
</span>
</a>
</li>
</ul>
</div>
</div>
<div class="wd-tabs-content-wrapper">
<div class="wd-sticky-loader"><span class="wd-loader"></span></div>
<div class="wd-products-element wd-tab-content wd-active wd-in">
<div class="products wd-products grid-columns-4 elements-grid wd-grid-g" data-paged="1" data-atts="{"speed":null,"slides_per_view":null,"wrap":null,"autoplay":null,"autoheight":null,"hide_pagination_control":null,"dynamic_pagination_control":null,"hide_prev_next_buttons":null,"carousel_arrows_position":null,"hide_scrollbar":null,"scroll_per_page":null,"center_mode":null,"post_type":"featured","spacing_tablet":false,"spacing_mobile":false,"carousel_sync":null,"sync_parent_id":null,"sync_child_id":null,"scroll_carousel_init":null,"disable_overflow_carousel":null,"include":null,"meta_key":null,"ajax_recently_viewed":null,"pagination_arrows_position":null,"items_per_page":"8","columns":{"unit":"px","size":4,"sizes":[]},"products_masonry":"","products_different_sizes":"","product_quantity":"","sale_countdown":"0","stretch_product":null,"stock_progress_bar":"0","products_divider":null,"products_bordered_grid":"0","products_bordered_grid_style":null,"products_with_background":"0","products_shadow":"0","img_size":"large","img_size_custom":null,"grid_gallery_control":null,"grid_gallery_enable_arrows":null,"force_not_ajax":"no","wrapper_classes":" wd-tab-content wd-active wd-in","elementor":true}" data-source="shortcode" data-columns="4" data-grid-gallery="" style="--wd-col-lg:4;--wd-col-md:4;--wd-col-sm:2;--wd-gap-lg:20px;--wd-gap-sm:10px;">
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-13832 status-publish instock product_cat-outdoor-items has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="1" data-id="13832">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2026/03/MS300-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2026/03/MS300-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/03/MS300-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/03/MS300-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/03/MS300-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/03/MS300-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/03/MS300-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/03/MS300.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/" aria-label="Product image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/03/MS300-on-site-1.jpg 1500w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="13832" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/">MS300 Food Booth Container / Reception Container</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 200 x 150 x 300H cm
With Lighting & Air-conditioning
For custom made, please WhatsApp us at 9889 4137 </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="13832" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/ms300-food-booth-container-reception-container/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_13832" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="13832" data-product_sku="MS300" aria-label="Read more about “MS300 Food Booth Container / Reception Container”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_13832" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/ms300-food-booth-container-reception-container/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="13832"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-11301 status-publish instock product_cat-sofa- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="2" data-id="11301">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/loop-left-sofa/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF105w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF105w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF105w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/loop-left-sofa/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1200" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-400x267.jpg 400w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-768x512.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-700x467.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-150x100.jpg 150w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="11301" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/loop-left-sofa/">SF105w Loop Left Sofa</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
White Linking Sofa
Link & Loop Furniture
白色環形梳化沙發
創意梳化沙發
150 x 80 x 43SH/85H (cm) </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="11301" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/loop-left-sofa/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_11301" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="11301" data-product_sku="SF105w" aria-label="Read more about “SF105w Loop Left Sofa”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_11301" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/loop-left-sofa/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="11301"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-11304 status-publish last instock product_cat-sofa- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="3" data-id="11304">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/loop-right-sofa/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF106w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF106w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/SF106w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF106w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/loop-right-sofa/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1200" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-400x267.jpg 400w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-768x512.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-700x467.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF105w-SF106w-150x100.jpg 150w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="11304" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/loop-right-sofa/">SF106w Loop Right Sofa</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
White Linking Sofa
Link & Loop Furniture
白色環形梳化沙發
創意梳化沙發
150 x 80 x 43SH/85H (cm) </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="11304" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/loop-right-sofa/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_11304" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="11304" data-product_sku="SF106w" aria-label="Read more about “SF106w Loop Right Sofa”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_11304" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/loop-right-sofa/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="11304"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-11313 status-publish first instock product_cat-sofa- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="4" data-id="11313">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/loop-90-sofa/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF109w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF109w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF109w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/loop-90-sofa/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1200" height="800" src="https://eonhk.com/wp-content/uploads/2025/04/SF109w-1.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/04/SF109w-1.jpg 1200w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-400x267.jpg 400w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-768x512.jpg 768w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-700x467.jpg 700w, https://eonhk.com/wp-content/uploads/2025/04/SF109w-1-150x100.jpg 150w" sizes="(max-width: 1200px) 100vw, 1200px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="11313" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/loop-90-sofa/">SF109w Loop 90 Sofa</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
White Linking Sofa
Link & Loop Furniture
白色環形梳化沙發
創意梳化沙發
100 x 100 x 43SH/85H (cm) </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="11313" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/loop-90-sofa/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_11313" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="11313" data-product_sku="SF109w" aria-label="Read more about “SF109w Loop 90 Sofa”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_11313" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/loop-90-sofa/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="11313"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-9664 status-publish instock product_cat-chair- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="5" data-id="9664">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/baltas-u-chair/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/10/AC20u-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/10/AC20u-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/10/AC20u-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/10/AC20u.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/baltas-u-chair/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1067" height="800" src="https://eonhk.com/wp-content/uploads/2025/10/230920a1-1067x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/10/230920a1-1067x800.jpg 1067w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-400x300.jpg 400w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-768x576.jpg 768w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-1536x1152.jpg 1536w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-700x525.jpg 700w, https://eonhk.com/wp-content/uploads/2025/10/230920a1-150x113.jpg 150w, https://eonhk.com/wp-content/uploads/2025/10/230920a1.jpg 2000w" sizes="(max-width: 1067px) 100vw, 1067px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="9664" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/baltas-u-chair/">AC19ud Iswed-u Chair</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 44 x 54 x 42SH (79H) cm
Colour: Blue 藍色
<span style="color: white">Dining Chair / Conference Chair 宴會椅凳 /會議椅凳 Conference Furniture / Dining Furniture 會議傢俬傢俱 / 宴會傢俬傢俱</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="9664" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/baltas-u-chair/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_9664" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="9664" data-product_sku="AC19ud" aria-label="Read more about “AC19ud Iswed-u Chair”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_9664" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/baltas-u-chair/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="9664"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-10489 status-publish instock product_cat-stool- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="6" data-id="10489">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/white-stool/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/BS99w-White-Stool.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/white-stool/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1067" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-1067x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-1067x800.jpg 1067w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-400x300.jpg 400w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-768x576.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-1536x1152.jpg 1536w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-700x525.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf-150x113.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/47f44070-85a6-4043-9a6c-86b79316f9cf.jpg 2048w" sizes="(max-width: 1067px) 100vw, 1067px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="10489" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/white-stool/">BS99w White Stool</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 49 x 47 x 79SH cm
Colour: White 白色
<span style="color: white">x</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="10489" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/white-stool/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_10489" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="10489" data-product_sku="BS99w" aria-label="Read more about “BS99w White Stool”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_10489" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/white-stool/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="10489"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-12809 status-publish last instock product_cat-stool- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="7" data-id="12809">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/bs99b-black-stool/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2025/06/BS99b-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2025/06/BS99b-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2025/06/BS99b-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2025/06/BS99b.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/bs99b-black-stool/" aria-label="Product image">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2022/08/s-WhatsApp-Image-2026-02-27-at-14.57.39-3.jpg 1200w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="12809" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/bs99b-black-stool/">BS99b Black Stool</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 49 x 47 x 79SH cm
Colour: Black 黑色
<span style="color: white">x</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="12809" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/bs99b-black-stool/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_12809" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="12809" data-product_sku="BS99b" aria-label="Read more about “BS99b Black Stool”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_12809" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/bs99b-black-stool/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="12809"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="wd-product wd-with-labels wd-hover-base wd-hover-with-fade wd-col product-grid-item product product-no-swatches type-product post-10481 status-publish first instock product_cat-dinning-table-- has-post-thumbnail featured shipping-taxable product-type-simple" data-loop="8" data-id="10481">
<div class="product-wrapper">
<div class="content-product-imagin"></div>
<div class="product-element-top wd-quick-shop">
<a href="https://eonhk.com/product/ikon-w-table/" class="product-image-link">
<div class="product-labels labels-rounded"><span class="featured product-label">Hot</span></div><img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/TA131w-800x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/TA131w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/12/TA131w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/TA131w.jpg 850w" sizes="(max-width: 800px) 100vw, 800px" /> </a>
<div class="hover-img">
<a href="https://eonhk.com/product/ikon-w-table/" aria-label="Product image">
<img loading="lazy" decoding="async" width="1067" height="800" src="https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-1067x800.jpg" class="attachment-large size-large" alt="" srcset="https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-1067x800.jpg 1067w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-400x300.jpg 400w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-768x576.jpg 768w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-1536x1152.jpg 1536w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-700x525.jpg 700w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152-150x113.jpg 150w, https://eonhk.com/wp-content/uploads/2024/12/3ec51aaf-5ff2-4d59-a4b0-557c0de5c152.jpg 2048w" sizes="(max-width: 1067px) 100vw, 1067px" /> </a>
</div>
<div class="wrapp-swatches"> <div class="wd-compare-btn product-compare-button wd-action-btn wd-style-icon wd-compare-icon">
<a href="https://eonhk.com/compare/" data-id="10481" rel="nofollow" data-added-text="Compare products">
<span>Compare</span>
</a>
</div>
</div>
</div>
<div class="product-element-bottom product-information">
<h3 class="wd-entities-title"><a href="https://eonhk.com/product/ikon-w-table/">TA131w Cone-dw Table</a></h3> <div class="product-rating-price">
<div class="wrapp-product-price">
</div>
</div>
<div class="fade-in-block wd-scroll">
<div class="hover-content wd-more-desc">
<div class="hover-content-inner wd-more-desc-inner">
Size: 80Dia x75H cm
Colour: White 白色
<span style="color: white">x</span> </div>
<a href="#" rel="nofollow" class="wd-more-desc-btn" aria-label="Read more description"></a>
</div>
<div class=" wd-bottom-actions">
<div class="wrap-wishlist-button"> <div class="wd-wishlist-btn wd-action-btn wd-style-icon wd-wishlist-icon">
<a class="" href="https://eonhk.com/wishlist/" data-key="fe1f07734b" data-product-id="10481" rel="nofollow" data-added-text="Browse Wishlist">
<span>Add to wishlist</span>
</a>
</div>
</div>
<div class="wd-add-btn wd-add-btn-replace">
<a href="https://eonhk.com/product/ikon-w-table/" aria-describedby="woocommerce_loop_add_to_cart_link_describedby_10481" data-quantity="1" class="button product_type_simple add-to-cart-loop" data-product_id="10481" data-product_sku="TA131w" aria-label="Read more about “TA131w Cone-dw Table”" rel="nofollow" data-success_message=""><span>Read more</span></a> <span id="woocommerce_loop_add_to_cart_link_describedby_10481" class="screen-reader-text">
</span>
</div>
<div class="wrap-quickview-button"> <div class="quick-view wd-action-btn wd-style-icon wd-quick-view-icon">
<a
href="https://eonhk.com/product/ikon-w-table/"
class="open-quick-view quick-view-button"
rel="nofollow"
data-id="10481"
>Quick view</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-1dde4746 elementor-hidden-desktop elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="1dde4746" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-no">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e50177c" data-id="1e50177c" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-4b4204d7 elementor-widget elementor-widget-wd_slider" data-id="4b4204d7" data-element_type="widget" data-widget_type="wd_slider.default">
<div class="elementor-widget-container">
<link rel="stylesheet" id="xts-style-term-70-css" href="https://eonhk.com/wp-content/uploads/2024/12/xts-term-70-1734090951.css?ver=8.0.4" type="text/css" media="all"> <style> #slide-609 .wd-slide-container {
--wd-align-items: center;
--wd-justify-content: left;
}
#slide-609.woodmart-loaded .wd-slide-bg {
}
#slide-609 .wd-slide-bg {
background-color:rgb(122,181,50); background-size:cover;
background-position:center center; }
@media (max-width: 1024px) {
#slide-609 .wd-slide-bg {
}
}
@media (max-width: 767px) {
#slide-609 .wd-slide-bg {
}
}
#slide-621 .wd-slide-container {
--wd-align-items: center;
--wd-justify-content: left;
}
#slide-621.woodmart-loaded .wd-slide-bg {
}
#slide-621 .wd-slide-bg {
background-color:rgb(122,181,50); background-size:cover;
background-position:center center; }
@media (max-width: 1024px) {
#slide-621 .wd-slide-bg {
}
}
@media (max-width: 767px) {
#slide-621 .wd-slide-bg {
}
}
#slide-628 .wd-slide-container {
--wd-align-items: center;
--wd-justify-content: left;
}
#slide-628.woodmart-loaded .wd-slide-bg {
}
#slide-628 .wd-slide-bg {
background-color:rgb(122,181,50); background-size:cover;
background-position:center center; }
@media (max-width: 1024px) {
#slide-628 .wd-slide-bg {
}
}
@media (max-width: 767px) {
#slide-628 .wd-slide-bg {
}
}
</style>
<div id="slider-70" data-id="70" class="wd-slider wd-carousel-container wd-anim-fade wd-section-stretch">
<div class="wd-carousel-inner">
<div class="wd-carousel wd-grid scroll-init" data-wrap="yes" data-autoheight="yes" data-scroll_per_page="yes" data-sliding_speed="700" data-effect="fade" style="--wd-col-lg:1;--wd-col-md:1;--wd-col-sm:1;">
<div class="wd-carousel-wrap ">
<div id="slide-609" class="wd-slide wd-carousel-item woodmart-loaded" >
<div class="container wd-slide-container content-full-width wd-padding-off">
<div class="wd-slide-inner wd-animation-normal wd-animation-zoom-in">
<style>.elementor-609 .elementor-element.elementor-element-4d8b30f > .elementor-container > .elementor-column > .elementor-widget-wrap{align-content:center;align-items:center;}.elementor-609 .elementor-element.elementor-element-4d8b30f:not(.elementor-motion-effects-element-type-background), .elementor-609 .elementor-element.elementor-element-4d8b30f > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-image:url("https://eonhk.com/wp-content/uploads/2021/08/wd-bestsellers.svg");background-position:center center;background-repeat:no-repeat;background-size:contain;}.elementor-609 .elementor-element.elementor-element-4d8b30f{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;padding:15px 15px 15px 15px;}.elementor-609 .elementor-element.elementor-element-4d8b30f > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-609 .elementor-element.elementor-element-67e7f900{text-align:left;}.elementor-609 .elementor-element.elementor-element-482f536a .title-after_title, .elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle, .elementor-609 .elementor-element.elementor-element-482f536a .woodmart-title-container{max-width:100%;}.elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle{color:rgba(255,255,255,0.8);font-size:16px;font-weight:700;}.elementor-609 .elementor-element.elementor-element-482f536a .title{font-size:54px;font-weight:600;}.elementor-609 .elementor-element.elementor-element-7b24dee2{margin:0px 0px 20px 0px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;font-weight:500;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;font-weight:500;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;font-weight:500;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-27a4c650{width:auto;max-width:auto;}@media(max-width:1024px){.elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:16px;}.elementor-609 .elementor-element.elementor-element-482f536a .title{font-size:50px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}}@media(max-width:767px){.elementor-609 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:14px;}.elementor-609 .elementor-element.elementor-element-482f536a .title{font-size:26px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:14px;}.elementor-609 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:13px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:14px;}.elementor-609 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:13px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:14px;}.elementor-609 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:13px;}}</style> <div data-elementor-type="wp-post" data-elementor-id="609" class="elementor elementor-609">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4d8b30f elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4d8b30f" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-467c08d9" data-id="467c08d9" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-67e7f900 wd-animation-slide-from-left wd_delay_200 wd-animation-normal elementor-widget elementor-widget-image" data-id="67e7f900" data-element_type="widget" data-widget_type="image.default">
<div class="elementor-widget-container">
<img loading="lazy" decoding="async" width="850" height="850" src="https://eonhk.com/wp-content/uploads/2021/08/best-seller1.png" class="attachment-full size-full wp-image-8615" alt="" srcset="https://eonhk.com/wp-content/uploads/2021/08/best-seller1.png 850w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-430x430.png 430w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-150x150.png 150w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-700x700.png 700w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-300x300.png 300w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-800x800.png 800w, https://eonhk.com/wp-content/uploads/2021/08/best-seller1-768x768.png 768w" sizes="(max-width: 850px) 100vw, 850px" /> </div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-511637f1" data-id="511637f1" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-482f536a wd-animation-slide-from-bottom wd-width-100 wd-animation-normal wd_delay_100 elementor-widget elementor-widget-wd_title" data-id="482f536a" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-white wd-title-style-default wd-title-size-default text-left">
<div class="title-subtitle subtitle-color-white subtitle-style-default wd-fontsize-xs">
EON PRODUCT </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">Vert-u Sofa -<br />
Classic Design.</h4>
</div>
</div>
</div>
</div>
<section class="wd-negative-gap elementor-section elementor-inner-section elementor-element elementor-element-7b24dee2 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7b24dee2" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-32a297ba" data-id="32a297ba" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-7e43ab12 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="7e43ab12" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
TYPE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Blue Double Seater Sofa</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-7befda0a" data-id="7befda0a" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-56b19fd2 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="56b19fd2" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
MATERIALS: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Wood, Leather, Metal</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-13bf118b" data-id="13bf118b" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-38b86898 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="38b86898" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
SIZE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>40 x 70 x 46SHcm (82cm)</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<div class="elementor-element elementor-element-27a4c650 elementor-widget__width-auto wd-animation-slide-from-bottom wd_delay_300 wd-animation-normal elementor-widget elementor-widget-wd_button" data-id="27a4c650" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-color-white btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
CONTACT NOW </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
</div>
<div class="wd-slide-bg wd-fill"></div>
</div>
<div id="slide-621" class="wd-slide wd-carousel-item" >
<div class="container wd-slide-container content-full-width wd-padding-off">
<div class="wd-slide-inner wd-animation-normal wd-animation-zoom-in">
<style>.elementor-621 .elementor-element.elementor-element-4d8b30f > .elementor-container > .elementor-column > .elementor-widget-wrap{align-content:center;align-items:center;}.elementor-621 .elementor-element.elementor-element-4d8b30f:not(.elementor-motion-effects-element-type-background), .elementor-621 .elementor-element.elementor-element-4d8b30f > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-image:url("https://eonhk.com/wp-content/uploads/2021/08/wd-bestsellers.svg");background-position:center center;background-repeat:no-repeat;background-size:contain;}.elementor-621 .elementor-element.elementor-element-4d8b30f{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;padding:15px 15px 15px 15px;}.elementor-621 .elementor-element.elementor-element-4d8b30f > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-621 .elementor-element.elementor-element-67e7f900{text-align:left;}.elementor-621 .elementor-element.elementor-element-482f536a .title-after_title, .elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle, .elementor-621 .elementor-element.elementor-element-482f536a .woodmart-title-container{max-width:100%;}.elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle{color:rgba(255,255,255,0.8);font-size:16px;font-weight:700;}.elementor-621 .elementor-element.elementor-element-482f536a .title{font-size:54px;font-weight:600;}.elementor-621 .elementor-element.elementor-element-7b24dee2{margin:0px 0px 20px 0px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;font-weight:500;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;font-weight:500;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;font-weight:500;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-27a4c650{width:auto;max-width:auto;}@media(max-width:1024px){.elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:16px;}.elementor-621 .elementor-element.elementor-element-482f536a .title{font-size:50px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}}@media(max-width:767px){.elementor-621 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:14px;}.elementor-621 .elementor-element.elementor-element-482f536a .title{font-size:26px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:14px;}.elementor-621 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:13px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:14px;}.elementor-621 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:13px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:14px;}.elementor-621 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:13px;}}</style> <div data-elementor-type="wp-post" data-elementor-id="621" class="elementor elementor-621">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4d8b30f elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4d8b30f" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-467c08d9" data-id="467c08d9" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-67e7f900 wd-animation-slide-from-left wd_delay_200 wd-animation-normal elementor-widget elementor-widget-image" data-id="67e7f900" data-element_type="widget" data-widget_type="image.default">
<div class="elementor-widget-container">
<img loading="lazy" decoding="async" width="850" height="850" src="https://eonhk.com/wp-content/uploads/2021/08/best-seller2.png" class="attachment-full size-full wp-image-8616" alt="" srcset="https://eonhk.com/wp-content/uploads/2021/08/best-seller2.png 850w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-430x430.png 430w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-150x150.png 150w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-700x700.png 700w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-300x300.png 300w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-800x800.png 800w, https://eonhk.com/wp-content/uploads/2021/08/best-seller2-768x768.png 768w" sizes="(max-width: 850px) 100vw, 850px" /> </div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-511637f1" data-id="511637f1" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-482f536a wd-animation-slide-from-bottom wd-width-100 wd-animation-normal wd_delay_100 elementor-widget elementor-widget-wd_title" data-id="482f536a" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-white wd-title-style-default wd-title-size-default text-left">
<div class="title-subtitle subtitle-color-white subtitle-style-default wd-fontsize-xs">
EON PRODUCT </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">Curved -<br />
Sofa<br />
</h4>
</div>
</div>
</div>
</div>
<section class="wd-negative-gap elementor-section elementor-inner-section elementor-element elementor-element-7b24dee2 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7b24dee2" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-32a297ba" data-id="32a297ba" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-7e43ab12 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="7e43ab12" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
TYPE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>White Sofa</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-7befda0a" data-id="7befda0a" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-56b19fd2 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="56b19fd2" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
MATERIALS: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Wood, Leather, Metal</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-13bf118b" data-id="13bf118b" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-38b86898 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="38b86898" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
SIZE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>180 x 90 x 45SH (cm)</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<div class="elementor-element elementor-element-27a4c650 elementor-widget__width-auto wd-animation-slide-from-bottom wd_delay_300 wd-animation-normal elementor-widget elementor-widget-wd_button" data-id="27a4c650" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-color-white btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
CONTACT NOW </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
</div>
<div class="wd-slide-bg wd-fill"></div>
</div>
<div id="slide-628" class="wd-slide wd-carousel-item" >
<div class="container wd-slide-container content-full-width wd-padding-off">
<div class="wd-slide-inner wd-animation-normal wd-animation-zoom-in">
<style>.elementor-628 .elementor-element.elementor-element-4d8b30f > .elementor-container > .elementor-column > .elementor-widget-wrap{align-content:center;align-items:center;}.elementor-628 .elementor-element.elementor-element-4d8b30f:not(.elementor-motion-effects-element-type-background), .elementor-628 .elementor-element.elementor-element-4d8b30f > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-image:url("https://eonhk.com/wp-content/uploads/2021/08/wd-bestsellers.svg");background-position:center center;background-repeat:no-repeat;background-size:contain;}.elementor-628 .elementor-element.elementor-element-4d8b30f{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;padding:15px 15px 15px 15px;}.elementor-628 .elementor-element.elementor-element-4d8b30f > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-628 .elementor-element.elementor-element-67e7f900{text-align:left;}.elementor-628 .elementor-element.elementor-element-482f536a .title-after_title, .elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle, .elementor-628 .elementor-element.elementor-element-482f536a .woodmart-title-container{max-width:100%;}.elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle{color:rgba(255,255,255,0.8);font-size:16px;font-weight:700;}.elementor-628 .elementor-element.elementor-element-482f536a .title{font-size:54px;font-weight:600;}.elementor-628 .elementor-element.elementor-element-7b24dee2{margin:0px 0px 20px 0px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;font-weight:500;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;font-weight:500;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;font-weight:500;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-27a4c650{width:auto;max-width:auto;}@media(max-width:1024px){.elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:16px;}.elementor-628 .elementor-element.elementor-element-482f536a .title{font-size:50px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:16px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:16px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:16px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:16px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:16px;}}@media(max-width:767px){.elementor-628 .elementor-element.elementor-element-482f536a .title-subtitle{font-size:14px;}.elementor-628 .elementor-element.elementor-element-482f536a .title{font-size:26px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-title{font-size:14px;}.elementor-628 .elementor-element.elementor-element-7e43ab12 .info-box-inner{font-size:13px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-title{font-size:14px;}.elementor-628 .elementor-element.elementor-element-56b19fd2 .info-box-inner{font-size:13px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-title{font-size:14px;}.elementor-628 .elementor-element.elementor-element-38b86898 .info-box-inner{font-size:13px;}}</style> <div data-elementor-type="wp-post" data-elementor-id="628" class="elementor elementor-628">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-4d8b30f elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4d8b30f" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-467c08d9" data-id="467c08d9" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-67e7f900 wd-animation-slide-from-left wd_delay_200 wd-animation-normal elementor-widget elementor-widget-image" data-id="67e7f900" data-element_type="widget" data-widget_type="image.default">
<div class="elementor-widget-container">
<img loading="lazy" decoding="async" width="800" height="800" src="https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051.png" class="attachment-full size-full wp-image-8623" alt="" srcset="https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051.png 800w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-430x430.png 430w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-150x150.png 150w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-700x700.png 700w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-300x300.png 300w, https://eonhk.com/wp-content/uploads/2021/08/903_cover_1719824051-768x768.png 768w" sizes="(max-width: 800px) 100vw, 800px" /> </div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-511637f1" data-id="511637f1" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-482f536a wd-animation-slide-from-bottom wd-width-100 wd-animation-normal wd_delay_100 elementor-widget elementor-widget-wd_title" data-id="482f536a" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-white wd-title-style-default wd-title-size-default text-left">
<div class="title-subtitle subtitle-color-white subtitle-style-default wd-fontsize-xs">
EON PRODUCT </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">SF77e & SF74e Sofa -<br />
Modern Pattern.</h4>
</div>
</div>
</div>
</div>
<section class="wd-negative-gap elementor-section elementor-inner-section elementor-element elementor-element-7b24dee2 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="7b24dee2" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-32a297ba" data-id="32a297ba" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-7e43ab12 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="7e43ab12" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
TYPE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Outdoor sofa Double Seat</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-7befda0a" data-id="7befda0a" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-56b19fd2 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="56b19fd2" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
MATERIALS: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>Metal, Wood, Polymer</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-13bf118b" data-id="13bf118b" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-38b86898 wd-animation-slide-from-bottom wd_delay_200 wd-animation-normal elementor-widget elementor-widget-wd_infobox" data-id="38b86898" data-element_type="widget" data-widget_type="wd_infobox.default">
<div class="elementor-widget-container">
<div class="info-box-wrapper">
<div class="wd-info-box text-left box-icon-align-top box-style-base color-scheme-light">
<div class="info-box-content">
<h4 class="info-box-title title box-title-style-underlined wd-fontsize-s" data-elementor-setting-key="title">
SIZE: </h4>
<div class="info-box-inner reset-last-child"data-elementor-setting-key="content"><p><em>140 x 80 x 44SH (cm)</em></p>
</div>
</div>
<a href="#" class="wd-info-box-link wd-fill" aria-label="Infobox link"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<div class="elementor-element elementor-element-27a4c650 elementor-widget__width-auto wd-animation-slide-from-bottom wd_delay_300 wd-animation-normal elementor-widget elementor-widget-wd_button" data-id="27a4c650" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-color-white btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
CONTACT NOW </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
</div>
<div class="wd-slide-bg wd-fill"></div>
</div>
</div>
</div>
<div class="wd-nav-arrows wd-slider-arrows wd-custom-style wd-style-1 wd-pos-sep color-scheme-light">
<div class="wd-btn-arrow wd-prev">
<div class="wd-arrow-inner"></div>
</div>
<div class="wd-btn-arrow wd-next">
<div class="wd-arrow-inner"></div>
</div>
</div>
</div>
<div class="wd-nav-pagin-wrap wd-slider-pagin wd-custom-style wd-style-shape-1 text-center color-scheme-light">
<ul class="wd-nav-pagin"></ul>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-71a488cb wd-section-stretch elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="71a488cb" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-399aa291" data-id="399aa291" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-bf882d8 elementor-hidden-tablet elementor-hidden-mobile elementor-widget elementor-widget-wd_text_block" data-id="bf882d8" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left color-#8E8E8E color-scheme-custom">
EON Rental Limited
</div>
</div>
</div>
<div class="elementor-element elementor-element-7f0e1c55 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="7f0e1c55" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-default text-left">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">WHO WE ARE</h4>
</div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-98bbf72 elementor-widget elementor-widget-wd_text_block" data-id="98bbf72" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
<p>EON Rental Limited provides Furniture & AV equipment rental service and Marquee solution for events, exhibitions, road shows and promotion campaigns in Hong Kong since 2010.</p><p>Our team is our biggest asset and most of them have more than 15 years of experience in exhibition services and event management fields. Thanks for their sharing of professional knowledge and experience, we are able to expand our business in an extremely fast pace.</p>
</div>
</div>
</div>
<div class="elementor-element elementor-element-1fd6c301 elementor-widget__width-auto elementor-widget elementor-widget-wd_button" data-id="1fd6c301" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-default btn-shape-rectangle btn-size-default btn-color-primary btn-icon-pos-right" href="https://eonhk.com/about-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
Read More </span>
</a>
</div>
</div>
</div>
<div class="elementor-element elementor-element-4eba9bfb elementor-widget__width-auto elementor-widget elementor-widget-wd_button" data-id="4eba9bfb" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-bordered btn-shape-rectangle btn-size-default btn-icon-pos-right" href="https://eonhk.com/contact-us/">
<span class="wd-btn-text" data-elementor-setting-key="text">
Contact us </span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-23ed652b wd-section-stretch elementor-hidden-desktop elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="23ed652b" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4d818f90" data-id="4d818f90" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-4d6e8f90 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="4d6e8f90" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-default text-center">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l"><strong>JOIN OUR NEWSLETTER NOW</strong></h4>
</div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-4fb924c elementor-widget elementor-widget-wd_text_block" data-id="4fb924c" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-center">
<p>Will be used in accordance with our <a href="#"><strong>Privacy Policy</strong></a></p>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-1c7377 elementor-hidden-desktop elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="1c7377" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7269e28e" data-id="7269e28e" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-6dac4ad8 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="6dac4ad8" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-medium text-center">
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-xl">OUR LATEST NEWS</h4>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-64836ac wd-section-stretch elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="64836ac" data-element_type="section" data-settings="{"background_background":"classic"}">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-3c461d67" data-id="3c461d67" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-c38d022 wd-width-100 elementor-widget elementor-widget-wd_title" data-id="c38d022" data-element_type="widget" data-widget_type="wd_title.default">
<div class="elementor-widget-container">
<div class="title-wrapper wd-set-mb reset-last-child wd-title-color-default wd-title-style-default wd-title-size-default text-center">
<div class="title-subtitle subtitle-color-default subtitle-style-default wd-fontsize-xs">
RECENT WORKS </div>
<div class="liner-continer">
<h4 class="woodmart-title-container title wd-fontsize-l">EVENT ORGANISIED</h4>
</div>
<div class="title-after_title reset-last-child wd-fontsize-xs">
<p>Service in Exhibition Industry</p> </div>
</div>
</div>
</div>
<div class="elementor-element elementor-element-3bd90c1 xtemos-show-demos elementor-widget elementor-widget-wd_button" data-id="3bd90c1" data-element_type="widget" data-widget_type="wd_button.default">
<div class="elementor-widget-container">
<div class="wd-button-wrapper text-center" >
<a class="btn btn-style-link btn-shape- btn-size-default btn-color-primary btn-icon-pos-right" href="https://eonhk.com/projects/">
<span class="wd-btn-text" data-elementor-setting-key="text">
View All </span>
</a>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-75 elementor-top-column elementor-element elementor-element-325a9367" data-id="325a9367" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-449616a8 wd-width-100 elementor-widget elementor-widget-wd_images_gallery" data-id="449616a8" data-element_type="widget" data-widget_type="wd_images_gallery.default">
<div class="elementor-widget-container">
<div class="wd-images-gallery wd-carousel-container" style="--wd-align-items:center; --wd-justify-content:center;">
<div class="wd-carousel-inner">
<div class="wd-carousel wd-grid" data-scroll_per_page="yes" style="--wd-col-lg:4;--wd-col-md:4;--wd-col-sm:1;--wd-gap-lg:2px;">
<div class="wd-carousel-wrap">
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190122-WA0241c_1555383742_p.jpg" alt="IMG-20190122-WA0241c_1555383742_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190123-WA0002c_1555383745_p.jpg" alt="IMG-20190123-WA0002c_1555383745_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190125-WA0015c_1555383741_p.jpg" alt="IMG-20190125-WA0015c_1555383741_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190221-WA0041c_1555383427_p.jpg" alt="IMG-20190221-WA0041c_1555383427_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190223-WA0078c_1555383430_p.jpg" alt="IMG-20190223-WA0078c_1555383430_p">
</div>
<div class="wd-gallery-item wd-carousel-item">
<img decoding="async" src="https://eonhk.com/wp-content/uploads/2024/09/IMG-20190226-WA0061c_1555383428_p.jpg" alt="IMG-20190226-WA0061c_1555383428_p">
</div>
</div>
</div>
<div class="wd-nav-arrows wd-pos-sep wd-hover-1 wd-icon-1">
<div class="wd-btn-arrow wd-prev wd-disabled">
<div class="wd-arrow-inner"></div>
</div>
<div class="wd-btn-arrow wd-next">
<div class="wd-arrow-inner"></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</article>
</div>
</div>
<footer class="wd-footer footer-container color-scheme-dark">
<div class="container main-footer wd-entry-content">
<link rel="stylesheet" id="elementor-post-11213-css" href="https://eonhk.com/wp-content/uploads/elementor/css/post-11213.css?ver=1759918866" type="text/css" media="all">
<div data-elementor-type="wp-post" data-elementor-id="11213" class="elementor elementor-11213">
<section class="wd-negative-gap elementor-section elementor-top-section elementor-element elementor-element-5e8e784 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="5e8e784" data-element_type="section">
<div class="elementor-container elementor-column-gap-default">
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-fdef96f" data-id="fdef96f" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-858db24 elementor-widget elementor-widget-wd_image_or_svg" data-id="858db24" data-element_type="widget" data-widget_type="wd_image_or_svg.default">
<div class="elementor-widget-container">
<div class="wd-image text-left">
<a href="/" aria-label="Image link">
<img width="180" height="102" src="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png" class="attachment-180x size-180x" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-180x102.png 180w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental-150x85.png 150w, https://eonhk.com/wp-content/uploads/2025/03/EON-Rental.png 300w" sizes="(max-width: 180px) 100vw, 180px" /> </a>
</div>
</div>
</div>
<div class="elementor-element elementor-element-3344611 elementor-widget elementor-widget-wd_list" data-id="3344611" data-element_type="widget" data-widget_type="wd_list.default">
<div class="elementor-widget-container">
<ul class="wd-list color-scheme- wd-fontsize-xs wd-type-image wd-style-default text-left">
<li class="elementor-repeater-item-80be36b">
<span class="wd-icon"><img src="https://eonhk.com/wp-content/uploads/2021/08/wd-cursor-dark.svg" title="wd-cursor-dark" loading="lazy" width="14" height="14"></span>
<span class="wd-list-content list-content">
Address:
11B, Man Sun Logistic Centre, Hung Cheung Road, Tuen Mun, NT, Hong Kong </span>
</li>
<li class="elementor-repeater-item-c383cf6">
<span class="wd-icon"><img src="https://eonhk.com/wp-content/uploads/2021/08/wd-phone-dark.svg" title="wd-phone-dark" loading="lazy" width="14" height="14"></span>
<span class="wd-list-content list-content">
Tel: (852) 3568 2593 </span>
<a href="tel:+85235682593" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-e395cf1">
<span class="wd-icon"><img width="14" height="14" src="https://eonhk.com/wp-content/uploads/2025/04/whatsapp-14x14.png" class="attachment-14x14 size-14x14" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/04/whatsapp-14x14.png 14w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp-298x300.png 298w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp-150x151.png 150w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp-430x430.png 430w, https://eonhk.com/wp-content/uploads/2025/04/whatsapp.png 509w" sizes="(max-width: 14px) 100vw, 14px" /></span>
<span class="wd-list-content list-content">
WhatsApp: (852) 9889 4137 </span>
<a href="https://wa.me/85298894137?text=Hi%20Eon%20https%3A%2F%2Feonhk.com" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-a511145">
<span class="wd-icon"><img width="16" height="16" src="https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-16x16.jpg" class="attachment-16x16 size-16x16" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-16x16.jpg 16w, https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2021/08/illust58-6215-01.jpg 400w" sizes="(max-width: 16px) 100vw, 16px" /></span>
<span class="wd-list-content list-content">
Fax: (852) 8148 3132 </span>
</li>
<li class="elementor-repeater-item-4bc0dff">
<span class="wd-icon"><img src="https://eonhk.com/wp-content/uploads/2021/08/wd-envelope-dark.svg" title="wd-envelope-dark" loading="lazy" width="14" height="14"></span>
<span class="wd-list-content list-content">
E-mail: [email protected] </span>
<a href="mailto:[email protected]" class="wd-fill" aria-label="List item link"></a>
</li>
</ul>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-4d26408" data-id="4d26408" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-0d7ae7e elementor-widget elementor-widget-wd_text_block" data-id="0d7ae7e" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
<p>Mission Statement</p>
</div>
</div>
</div>
<div class="elementor-element elementor-element-deb90e6 elementor-widget elementor-widget-wd_text_block" data-id="deb90e6" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
Energy and experience are what drive us at Eon to deliver the best furniture and AV equipment rental service in exhibition industry. We believe that smooth delivery and prompt action are our core strength.
</div>
</div>
</div>
<div class="elementor-element elementor-element-88398a6 gallery-spacing-custom elementor-widget elementor-widget-image-gallery" data-id="88398a6" data-element_type="widget" data-widget_type="image-gallery.default">
<div class="elementor-widget-container">
<div class="elementor-image-gallery">
<style>
#gallery-1 {
margin: auto;
}
#gallery-1 .gallery-item {
float: left;
margin-top: 10px;
text-align: center;
width: 50%;
}
#gallery-1 img {
border: 2px solid #cfcfcf;
}
#gallery-1 .gallery-caption {
margin-left: 0;
}
/* see gallery_shortcode() in wp-includes/media.php */
</style>
<div id='gallery-1' class='gallery galleryid-10919 gallery-columns-2 gallery-size-thumbnail'><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="no" href='https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" aria-describedby="gallery-1-11382" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641-150x150.png 150w, https://eonhk.com/wp-content/uploads/2025/04/WhatsApp-QR-code-1744443693641.png 200w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt>
<dd class='wp-caption-text gallery-caption' id='gallery-1-11382'>
WhatsApp
</dd></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="no" href='https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" aria-describedby="gallery-1-8480" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2-301x300.jpg 301w, https://eonhk.com/wp-content/uploads/2024/09/eon_wechat_v2.jpg 511w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt>
<dd class='wp-caption-text gallery-caption' id='gallery-1-8480'>
WeChat
</dd></dl><br style="clear: both" />
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-ae43079" data-id="ae43079" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-33a0188 elementor-widget elementor-widget-wd_text_block" data-id="33a0188" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
Hot Items
</div>
</div>
</div>
<div class="elementor-element elementor-element-c9a9600 elementor-widget elementor-widget-image-gallery" data-id="c9a9600" data-element_type="widget" data-widget_type="image-gallery.default">
<div class="elementor-widget-container">
<div class="elementor-image-gallery">
<style>
#gallery-2 {
margin: auto;
}
#gallery-2 .gallery-item {
float: left;
margin-top: 10px;
text-align: center;
width: 33%;
}
#gallery-2 img {
border: 2px solid #cfcfcf;
}
#gallery-2 .gallery-caption {
margin-left: 0;
}
/* see gallery_shortcode() in wp-includes/media.php */
</style>
<div id='gallery-2' class='gallery galleryid-10919 gallery-columns-3 gallery-size-thumbnail'><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="TA76-gcs (VE)" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxOSwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1RBNzYtZ2NzLVZFLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/TA76-gcs-VE.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF95u" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGOTV1LmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF95u.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF95u-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF95u-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/SF95u-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/SF95u.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF95n" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNiwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGOTVuLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF95n.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF95n-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF95n-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF95n-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF95n.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" /><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF73ux" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNSwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGNzN1eC5wbmciLCJzbGlkZXNob3ciOiJjOWE5NjAwIn0%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF73ux.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF73ux-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF73ux-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF73ux.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF66r" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxNCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGNjZyLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF66r.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF66r-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF66r-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-800x800.png 800w, https://eonhk.com/wp-content/uploads/2024/09/SF66r-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/SF66r.png 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF39w-03" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxMywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGMzl3LTAzLmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF39w-03.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-1536x1536.jpg 1536w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03-860x860.jpg 860w, https://eonhk.com/wp-content/uploads/2024/09/SF39w-03.jpg 1600w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" /><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="MS94w" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUwOCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL01TOTR3LmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/MS94w.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/MS94w-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS94w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS94w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS94w.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="MS95b" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUwOSwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL01TOTViLmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/MS95b.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/MS95b-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS95b-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS95b-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS95b.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="SF19w" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUxMCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL1NGMTl3LmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/SF19w.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/SF19w-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/SF19w-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/SF19w-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/SF19w.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" /><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="MS94e" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODUwNywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL01TOTRlLmpwZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/MS94e.jpg'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/MS94e-150x150.jpg" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/MS94e-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2024/09/MS94e-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2024/09/MS94e.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="903_cover_1719824051" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODQ5NywidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcLzkwM19jb3Zlcl8xNzE5ODI0MDUxLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/903_cover_1719824051.png 800w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><dl class='gallery-item'>
<dt class='gallery-icon landscape'>
<a data-elementor-open-lightbox="yes" data-elementor-lightbox-slideshow="c9a9600" data-elementor-lightbox-title="AC22w-01" data-e-action-hash="#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6ODQ5OCwidXJsIjoiaHR0cHM6XC9cL2VvbmhrLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL0FDMjJ3LTAxLnBuZyIsInNsaWRlc2hvdyI6ImM5YTk2MDAifQ%3D%3D" href='https://eonhk.com/wp-content/uploads/2024/09/AC22w-01.png'><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-150x150.png" class="attachment-thumbnail size-thumbnail" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-150x150.png 150w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-430x430.png 430w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-700x700.png 700w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-300x300.png 300w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01-768x768.png 768w, https://eonhk.com/wp-content/uploads/2024/09/AC22w-01.png 800w" sizes="(max-width: 150px) 100vw, 150px" /></a>
</dt></dl><br style="clear: both" />
</div>
</div>
</div>
</div>
</div>
</div>
<div class="elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-768e704" data-id="768e704" data-element_type="column">
<div class="elementor-widget-wrap elementor-element-populated">
<div class="elementor-element elementor-element-638d5cb elementor-widget elementor-widget-wd_text_block" data-id="638d5cb" data-element_type="widget" data-widget_type="wd_text_block.default">
<div class="elementor-widget-container">
<div class="wd-text-block reset-last-child text-left">
Useful Links
</div>
</div>
</div>
<div class="elementor-element elementor-element-83b800d elementor-widget elementor-widget-wd_list" data-id="83b800d" data-element_type="widget" data-widget_type="wd_list.default">
<div class="elementor-widget-container">
<ul class="wd-list color-scheme- wd-fontsize-xs wd-type-image wd-style-default text-left">
<li class="elementor-repeater-item-80be36b">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
About EON </span>
<a href="https://eonhk.com/about-us/" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-679e2bc">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
FAQs </span>
<a href="/faqs" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-c383cf6">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
Terms & Conditions </span>
<a href="/terms-conditions/" class="wd-fill" aria-label="List item link"></a>
</li>
<li class="elementor-repeater-item-4bc0dff">
<span class="wd-icon"></span>
<span class="wd-list-content list-content">
Contact Us </span>
<a href="/contact-us/" class="wd-fill" aria-label="List item link"></a>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
<div class="wd-copyrights copyrights-wrapper wd-layout-two-columns">
<div class="container wd-grid-g">
<div class="wd-col-start reset-last-child">
© 2025 EON Rental Limited. All rights reserved. Powered by<a href="https://www.techcomm.com/" target="_blank"><span style="color:#777777"> Techcomm</span></a>. </div>
</div>
</div>
</footer>
</div>
</div>
<div class="wd-close-side wd-fill"></div>
<a href="#" class="scrollToTop" aria-label="Scroll to top button"></a>
<div class="mobile-nav wd-side-hidden wd-side-hidden-nav wd-left wd-opener-arrow"> <div class="wd-search-form">
<form role="search" method="get" class="searchform wd-cat-style-bordered woodmart-ajax-search" action="https://eonhk.com/" data-thumbnail="1" data-price="1" data-post_type="product" data-count="20" data-sku="0" data-symbols_count="3">
<input type="text" class="s" placeholder="Search for products" value="" name="s" aria-label="Search" title="Search for products" required/>
<input type="hidden" name="post_type" value="product">
<button type="submit" class="searchsubmit">
<span>
Search </span>
</button>
</form>
<div class="search-results-wrapper">
<div class="wd-dropdown-results wd-scroll wd-dropdown">
<div class="wd-scroll-content"></div>
</div>
</div>
</div>
<ul class="wd-nav wd-nav-mob-tab wd-style-underline">
<li class="mobile-tab-title mobile-pages-title wd-active" data-menu="pages">
<a href="#" rel="nofollow noopener">
<span class="nav-link-text">
Menu </span>
</a>
</li>
<li class="mobile-tab-title mobile-categories-title " data-menu="categories">
<a href="#" rel="nofollow noopener">
<span class="nav-link-text">
Categories </span>
</a>
</li>
</ul>
<ul id="menu-product-category-1" class="mobile-categories-menu menu wd-nav wd-nav-mobile wd-layout-dropdown"><li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14074 item-level-0" ><a href="https://eonhk.com/product-category/3d-printing/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/3D-Printing-1-mune.jpg 850w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">3D Printing</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-14091 item-level-0" ><a href="https://eonhk.com/product-category/booth-design/" class="woodmart-nav-link"><img width="150" height="150" src="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg" class="wd-nav-img" alt="" decoding="async" srcset="https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-150x150.jpg 150w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-300x300.jpg 300w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-800x800.jpg 800w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-768x768.jpg 768w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-430x430.jpg 430w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu-700x700.jpg 700w, https://eonhk.com/wp-content/uploads/2026/06/HKUST-Booth-Design-左-menu.jpg 1080w" sizes="(max-width: 150px) 100vw, 150px" /><span class="nav-link-text">Booth Design & Production</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10452 item-level-0" ><a href="https://eonhk.com/product-category/game-booth/" class="woodmart-nav-link"><span class="nav-link-text">Game Booth</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10449 item-level-0" ><a href="https://eonhk.com/product-category/furniture/" class="woodmart-nav-link"><span class="nav-link-text">Furniture 傢俬</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10450 item-level-1" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link">Chair 椅子</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11023 item-level-1" ><a href="https://eonhk.com/product-category/furniture/outdoor-%e6%88%b6%e5%a4%96%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Outdoor 戶外傢俬</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10451 item-level-1" ><a href="https://eonhk.com/product-category/furniture/sofa-%e6%a2%b3%e5%8c%96%e6%b2%99%e7%99%bc/" class="woodmart-nav-link">Sofa 梳化沙發</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10475 item-level-1" ><a href="https://eonhk.com/product-category/furniture/stool-%e5%90%a7%e6%a4%85/" class="woodmart-nav-link">Stool 吧椅</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10476 item-level-1" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/" class="woodmart-nav-link">Table 桌子</a>
<ul class="sub-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10465 item-level-2" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/coffee-table-%e5%92%96%e5%95%a1%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Coffee Table 咖啡台桌</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10466 item-level-2" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/dinning-table-%e9%a4%90%e5%8f%b0%e6%a1%8c-%e6%9c%83%e8%ad%b0%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">Dinning Table/Meeting Table 餐台桌/會議台桌</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10467 item-level-2" ><a href="https://eonhk.com/product-category/furniture/table-%e6%a1%8c%e5%ad%90/high-table-%e5%90%a7%e5%8f%b0%e6%a1%8c/" class="woodmart-nav-link">High Table 吧台桌</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11188 item-level-1" ><a href="https://eonhk.com/product-category/furniture/kids-%e5%85%92%e7%ab%a5%e5%82%a2%e4%bf%ac/" class="woodmart-nav-link">Kids 兒童傢俬</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-11403 item-level-1" ><a href="https://eonhk.com/product-category/furniture/furniture-set-%e5%82%a2%e4%bf%ac%e7%b5%84%e5%90%88/" class="woodmart-nav-link">Furniture Set 傢俬組合</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10453 item-level-0" ><a href="https://eonhk.com/product-category/illuminated-led-funiture1/" class="woodmart-nav-link"><span class="nav-link-text">Illuminated / LED Funiture</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10422 item-level-0" ><a href="https://eonhk.com/product-category/av-items/" class="woodmart-nav-link"><span class="nav-link-text">AV items</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10426 item-level-1" ><a href="https://eonhk.com/product-category/av-items/pa-system/" class="woodmart-nav-link">PA System</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10424 item-level-1" ><a href="https://eonhk.com/product-category/av-items/display-panel/" class="woodmart-nav-link">Display Panel</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10477 item-level-1" ><a href="https://eonhk.com/product-category/av-items/tv/" class="woodmart-nav-link">TV</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10427 item-level-1" ><a href="https://eonhk.com/product-category/av-items/projector/" class="woodmart-nav-link">Projector</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10425 item-level-1" ><a href="https://eonhk.com/product-category/av-items/ipad/" class="woodmart-nav-link">iPad</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10423 item-level-1" ><a href="https://eonhk.com/product-category/av-items/computer/" class="woodmart-nav-link">Computer</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10428 item-level-0" ><a href="https://eonhk.com/product-category/backstage-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Backstage Equipment</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10429 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/fitting-room/" class="woodmart-nav-link">Fitting Room</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10430 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/hanging-rack/" class="woodmart-nav-link">Hanging Rack</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10431 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/mannequin/" class="woodmart-nav-link">Mannequin</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10432 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/mirror/" class="woodmart-nav-link">Mirror</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10433 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/partition/" class="woodmart-nav-link">Partition</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10434 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/pipe-drape/" class="woodmart-nav-link">Pipe & Drape</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10435 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/plant/" class="woodmart-nav-link">Plant</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10474 item-level-1" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/" class="woodmart-nav-link">Stage Materials</a>
<ul class="sub-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10471 item-level-2" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/stage/" class="woodmart-nav-link">Stage</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10470 item-level-2" ><a href="https://eonhk.com/product-category/backstage-equipment/stage-materials/podium/" class="woodmart-nav-link">Podium</a></li>
</ul>
</li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10454 item-level-0" ><a href="https://eonhk.com/product-category/barrier-barricade-signage-%e9%90%b5%e9%a6%ac-%e6%8b%89%e5%b8%b6%e6%9f%b1-%e6%8c%87%e7%a4%ba%e7%89%8c/" class="woodmart-nav-link"><span class="nav-link-text">Barrier / Barricade / Signage 鐵馬 / 拉帶柱 / 指示牌</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10437 item-level-0" ><a href="https://eonhk.com/product-category/display-fridge-freezer/" class="woodmart-nav-link"><span class="nav-link-text">Display Fridge & Freezer</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10440 item-level-0" ><a href="https://eonhk.com/product-category/coolers/" class="woodmart-nav-link"><span class="nav-link-text">Cooler & Heater</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10441 item-level-1" ><a href="https://eonhk.com/product-category/coolers/cooler/" class="woodmart-nav-link">Cooler</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10442 item-level-1" ><a href="https://eonhk.com/product-category/coolers/fan/" class="woodmart-nav-link">Fan</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10443 item-level-1" ><a href="https://eonhk.com/product-category/coolers/gas-heater/" class="woodmart-nav-link">Gas Heater</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-has-children menu-item-10444 item-level-0" ><a href="https://eonhk.com/product-category/electric-equipment/" class="woodmart-nav-link"><span class="nav-link-text">Electric Equipment</span></a>
<ul class="wd-sub-menu">
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10445 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/coffee-machin/" class="woodmart-nav-link">Coffee Machin</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10446 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/oven/" class="woodmart-nav-link">Oven</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10447 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/printer/" class="woodmart-nav-link">Printer</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10448 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/shredder/" class="woodmart-nav-link">Shredder</a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10478 item-level-1" ><a href="https://eonhk.com/product-category/electric-equipment/water-dispenser/" class="woodmart-nav-link">Water Dispenser</a></li>
</ul>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10472 item-level-0" ><a href="https://eonhk.com/product-category/whiteboard-flipchart-locker-bin/" class="woodmart-nav-link"><span class="nav-link-text">Whiteboard, flipchart , Locker & Bin</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10460 item-level-0" ><a href="https://eonhk.com/product-category/brochure-rack/" class="woodmart-nav-link"><span class="nav-link-text">Brochure Rack & Display Rack</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-10463 item-level-0" ><a href="https://eonhk.com/product-category/marquee/" class="woodmart-nav-link"><span class="nav-link-text">Marquee & Umbrella</span></a></li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-product_cat menu-item-13339 item-level-0" ><a href="https://eonhk.com/product-category/bookable/" class="woodmart-nav-link"><span class="nav-link-text">Bookable</span></a></li>
</ul><ul id="menu-main-navigation" class="mobile-pages-menu menu wd-nav wd-nav-mobile wd-layout-dropdown wd-active"><li id="menu-item-8449" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-home current-menu-item page_item page-item-18 current_page_item menu-item-8449 item-level-0" ><a href="https://eonhk.com/" class="woodmart-nav-link"><span class="nav-link-text">Home</span></a></li>
<li id="menu-item-11381" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-11381 item-level-0" ><a href="#" class="woodmart-nav-link"><span class="nav-link-text">About Us</span></a>
<ul class="wd-sub-menu">
<li id="menu-item-8413" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8413 item-level-1" ><a href="https://eonhk.com/about-us/" class="woodmart-nav-link">About EON</a></li>
<li id="menu-item-8653" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8653 item-level-1" ><a href="https://eonhk.com/faqs/" class="woodmart-nav-link">FAQs</a></li>
<li id="menu-item-10372" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-privacy-policy menu-item-10372 item-level-1" ><a href="https://eonhk.com/terms-conditions/" class="woodmart-nav-link">Terms & Conditions</a></li>
</ul>
</li>
<li id="menu-item-11207" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-11207 item-level-0" ><a href="https://eonhk.com/product-category/furniture/chair-%e6%a4%85%e5%ad%90/" class="woodmart-nav-link"><span class="nav-link-text">Products</span></a></li>
<li id="menu-item-8703" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8703 item-level-0" ><a href="https://eonhk.com/services/" class="woodmart-nav-link"><span class="nav-link-text">Services</span></a></li>
<li id="menu-item-11360" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-11360 item-level-0" ><a href="#" class="woodmart-nav-link"><span class="nav-link-text">Solutions</span></a>
<ul class="wd-sub-menu">
<li id="menu-item-11361" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11361 item-level-1" ><a href="https://eonhk.com/3d-printing/" class="woodmart-nav-link">3D Printing</a></li>
</ul>
</li>
<li id="menu-item-10388" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-10388 item-level-0" ><a href="https://eonhk.com/projects/" class="woodmart-nav-link"><span class="nav-link-text">Projects</span></a></li>
<li id="menu-item-8414" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-8414 item-level-0" ><a href="https://eonhk.com/contact-us/" class="woodmart-nav-link"><span class="nav-link-text">Contact Us</span></a></li>
<li id="menu-item-11256" class="desktop-hide btn-style-menu menu-item menu-item-type-custom menu-item-object-custom menu-item-11256 item-level-0" ><a href="https://eonhk.com/wp-content/uploads/2024/12/EON_Catalogue_20241206.pdf" class="woodmart-nav-link"><span class="nav-link-text">DOWNLOAD CATALOG</span></a></li>
<li class="menu-item menu-item-wishlist wd-with-icon item-level-0"> <a href="https://eonhk.com/wishlist/" class="woodmart-nav-link">
<span class="nav-link-text">Wishlist</span>
</a>
</li><li class="menu-item menu-item-compare wd-with-icon item-level-0"><a href="https://eonhk.com/compare/" class="woodmart-nav-link">Compare</a></li><li class="menu-item menu-item-account wd-with-icon item-level-0"><a href="https://eonhk.com/my-account/" class="woodmart-nav-link">Login / Register</a></li></ul>
</div> <div class="cart-widget-side wd-side-hidden wd-right">
<div class="wd-heading">
<span class="title">Shopping cart</span>
<div class="close-side-widget wd-action-btn wd-style-text wd-cross-icon">
<a href="#" rel="nofollow">Close</a>
</div>
</div>
<div class="widget woocommerce widget_shopping_cart"><div class="widget_shopping_cart_content"></div></div> </div>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"/*"},{"not":{"href_matches":["/wp-*.php","/wp-admin/*","/wp-content/uploads/*","/wp-content/*","/wp-content/plugins/*","/wp-content/themes/woodmart/*","/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<script type='text/javascript'>
const lazyloadRunObserver = () => {
const lazyloadBackgrounds = document.querySelectorAll( `.e-con.e-parent:not(.e-lazyloaded)` );
const lazyloadBackgroundObserver = new IntersectionObserver( ( entries ) => {
entries.forEach( ( entry ) => {
if ( entry.isIntersecting ) {
let lazyloadBackground = entry.target;
if( lazyloadBackground ) {
lazyloadBackground.classList.add( 'e-lazyloaded' );
}
lazyloadBackgroundObserver.unobserve( entry.target );
}
});
}, { rootMargin: '200px 0px 200px 0px' } );
lazyloadBackgrounds.forEach( ( lazyloadBackground ) => {
lazyloadBackgroundObserver.observe( lazyloadBackground );
} );
};
const events = [
'DOMContentLoaded',
'elementor/lazyload/observe',
];
events.forEach( ( event ) => {
document.addEventListener( event, lazyloadRunObserver );
} );
</script>
<script type='text/javascript'>
(function () {
var c = document.body.className;
c = c.replace(/woocommerce-no-js/, 'woocommerce-js');
document.body.className = c;
})();
</script>
<script type="text/template" id="tmpl-variation-template">
<div class="woocommerce-variation-description">{{{ data.variation.variation_description }}}</div>
<div class="woocommerce-variation-price">{{{ data.variation.price_html }}}</div>
<div class="woocommerce-variation-availability">{{{ data.variation.availability_html }}}</div>
</script>
<script type="text/template" id="tmpl-unavailable-variation-template">
<p role="alert">Sorry, this product is unavailable. Please choose a different combination.</p>
</script>
<script id="wd-update-cart-fragments-fix-js-extra">
var wd_cart_fragments_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","cart_hash_key":"wc_cart_hash_15479c8ef830bf73124f3999bdab52ae","fragment_name":"wc_fragments_15479c8ef830bf73124f3999bdab52ae","request_timeout":"5000"};
//# sourceURL=wd-update-cart-fragments-fix-js-extra
</script>
<script id="wd-update-cart-fragments-fix-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/updateCartFragmentsFix.js?ver=8.0.4"></script>
<script id="wapf-frontend-js-js-extra">
var wapf_config = {"page_type":"other"};
//# sourceURL=wapf-frontend-js-js-extra
</script>
<script id="wapf-frontend-js-js" src="https://eonhk.com/wp-content/plugins/advanced-product-fields-for-woocommerce/assets/js/frontend.min.js?ver=1.6.17"></script>
<script id="wp-hooks-js" src="https://eonhk.com/wp-includes/js/dist/hooks.min.js?ver=7496969728ca0f95732d"></script>
<script id="wp-i18n-js" src="https://eonhk.com/wp-includes/js/dist/i18n.min.js?ver=781d11515ad3d91786ec"></script>
<script id="wp-i18n-js-after">
wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } );
//# sourceURL=wp-i18n-js-after
</script>
<script id="swv-js" src="https://eonhk.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.2"></script>
<script id="contact-form-7-js-before">
var wpcf7 = {
"api": {
"root": "https:\/\/eonhk.com\/wp-json\/",
"namespace": "contact-form-7\/v1"
}
};
//# sourceURL=contact-form-7-js-before
</script>
<script id="contact-form-7-js" src="https://eonhk.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.2"></script>
<script id="chaty-front-end-js-extra">
var chaty_settings = {"ajax_url":"https://eonhk.com/wp-admin/admin-ajax.php","analytics":"0","capture_analytics":"0","token":"e8990a05c3","chaty_widgets":[{"id":0,"identifier":0,"settings":{"cta_type":"simple-view","cta_body":"","cta_head":"","cta_head_bg_color":"","cta_head_text_color":"","show_close_button":1,"position":"right","custom_position":1,"bottom_spacing":"25","side_spacing":"25","icon_view":"vertical","default_state":"click","cta_text":"","cta_text_color":"#333333","cta_bg_color":"#ffffff","show_cta":"first_click","is_pending_mesg_enabled":"off","pending_mesg_count":"1","pending_mesg_count_color":"#ffffff","pending_mesg_count_bgcolor":"#dd0000","widget_icon":"chat-base","widget_icon_url":"","font_family":"-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif","widget_size":"44","custom_widget_size":"44","is_google_analytics_enabled":0,"close_text":"Hide","widget_color":"#A886CD","widget_icon_color":"#ffffff","widget_rgb_color":"168,134,205","has_custom_css":0,"custom_css":"","widget_token":"1121e0c8ee","widget_index":"","attention_effect":""},"triggers":{"has_time_delay":1,"time_delay":"0","exit_intent":0,"has_display_after_page_scroll":0,"display_after_page_scroll":"0","auto_hide_widget":0,"hide_after":0,"show_on_pages_rules":[],"time_diff":0,"has_date_scheduling_rules":0,"date_scheduling_rules":{"start_date_time":"","end_date_time":""},"date_scheduling_rules_timezone":0,"day_hours_scheduling_rules_timezone":0,"has_day_hours_scheduling_rules":[],"day_hours_scheduling_rules":[],"day_time_diff":0,"show_on_direct_visit":0,"show_on_referrer_social_network":0,"show_on_referrer_search_engines":0,"show_on_referrer_google_ads":0,"show_on_referrer_urls":[],"has_show_on_specific_referrer_urls":0,"has_traffic_source":0,"has_countries":0,"countries":[],"has_target_rules":0},"channels":[{"channel":"Whatsapp","value":"85298894137","hover_text":"","chatway_position":"","svg_icon":"\u003Csvg width=\"39\" height=\"39\" viewBox=\"0 0 39 39\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"\u003E\u003Ccircle class=\"color-element\" cx=\"19.4395\" cy=\"19.4395\" r=\"19.4395\" fill=\"#49E670\"/\u003E\u003Cpath d=\"M12.9821 10.1115C12.7029 10.7767 11.5862 11.442 10.7486 11.575C10.1902 11.7081 9.35269 11.8411 6.84003 10.7767C3.48981 9.44628 1.39593 6.25317 1.25634 6.12012C1.11674 5.85403 2.13001e-06 4.39053 2.13001e-06 2.92702C2.13001e-06 1.46351 0.83755 0.665231 1.11673 0.399139C1.39592 0.133046 1.8147 1.01506e-06 2.23348 1.01506e-06C2.37307 1.01506e-06 2.51267 1.01506e-06 2.65226 1.01506e-06C2.93144 1.01506e-06 3.21063 -2.02219e-06 3.35022 0.532183C3.62941 1.19741 4.32736 2.66092 4.32736 2.79397C4.46696 2.92702 4.46696 3.19311 4.32736 3.32616C4.18777 3.59225 4.18777 3.59224 3.90858 3.85834C3.76899 3.99138 3.6294 4.12443 3.48981 4.39052C3.35022 4.52357 3.21063 4.78966 3.35022 5.05576C3.48981 5.32185 4.18777 6.38622 5.16491 7.18449C6.42125 8.24886 7.39839 8.51496 7.81717 8.78105C8.09636 8.91409 8.37554 8.9141 8.65472 8.648C8.93391 8.38191 9.21309 7.98277 9.49228 7.58363C9.77146 7.31754 10.0507 7.1845 10.3298 7.31754C10.609 7.45059 12.2841 8.11582 12.5633 8.38191C12.8425 8.51496 13.1217 8.648 13.1217 8.78105C13.1217 8.78105 13.1217 9.44628 12.9821 10.1115Z\" transform=\"translate(12.9597 12.9597)\" fill=\"#FAFAFA\"/\u003E\u003Cpath d=\"M0.196998 23.295L0.131434 23.4862L0.323216 23.4223L5.52771 21.6875C7.4273 22.8471 9.47325 23.4274 11.6637 23.4274C18.134 23.4274 23.4274 18.134 23.4274 11.6637C23.4274 5.19344 18.134 -0.1 11.6637 -0.1C5.19344 -0.1 -0.1 5.19344 -0.1 11.6637C-0.1 13.9996 0.624492 16.3352 1.93021 18.2398L0.196998 23.295ZM5.87658 19.8847L5.84025 19.8665L5.80154 19.8788L2.78138 20.8398L3.73978 17.9646L3.75932 17.906L3.71562 17.8623L3.43104 17.5777C2.27704 15.8437 1.55796 13.8245 1.55796 11.6637C1.55796 6.03288 6.03288 1.55796 11.6637 1.55796C17.2945 1.55796 21.7695 6.03288 21.7695 11.6637C21.7695 17.2945 17.2945 21.7695 11.6637 21.7695C9.64222 21.7695 7.76778 21.1921 6.18227 20.039L6.17557 20.0342L6.16817 20.0305L5.87658 19.8847Z\" transform=\"translate(7.7758 7.77582)\" fill=\"white\" stroke=\"white\" stroke-width=\"0.2\"/\u003E\u003C/svg\u003E","is_desktop":1,"is_mobile":1,"icon_color":"#49E670","icon_rgb_color":"73,230,112","channel_type":"Whatsapp","custom_image_url":"","order":"","pre_set_message":"Hi Eon https://eonhk.com","is_use_web_version":"0","is_open_new_tab":"1","is_default_open":"0","has_welcome_message":"0","emoji_picker":"1","input_placeholder":"Write your message...","chat_welcome_message":"\u003Cp\u003EHow can I help you? :)\u003C/p\u003E","wp_popup_headline":"Let's chat on WhatsApp","wp_popup_nickname":"","wp_popup_profile":"","wp_popup_head_bg_color":"#4AA485","qr_code_image_url":"","mail_subject":"","channel_account_type":"personal","contact_form_settings":[],"contact_fields":[],"url":"https://wa.me/85298894137","mobile_target":"","desktop_target":"","target":"","is_agent":0,"agent_data":[],"header_text":"","header_sub_text":"","header_bg_color":"","header_text_color":"","widget_token":"1121e0c8ee","widget_index":"","click_event":"","viber_url":""}]}],"data_analytics_settings":"off","lang":{"whatsapp_label":"WhatsApp Message","hide_whatsapp_form":"Hide WhatsApp Form","emoji_picker":"Show Emojis"},"has_chatway":""};
//# sourceURL=chaty-front-end-js-extra
</script>
<script defer id="chaty-front-end-js" src="https://eonhk.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.4.81745577107"></script>
<script id="sourcebuster-js-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=10.1.2"></script>
<script id="wc-order-attribution-js-extra">
var wc_order_attribution = {"params":{"lifetime":1.0e-5,"session":30,"base64":false,"ajaxurl":"https://eonhk.com/wp-admin/admin-ajax.php","prefix":"wc_order_attribution_","allowTracking":true},"fields":{"source_type":"current.typ","referrer":"current_add.rf","utm_campaign":"current.cmp","utm_source":"current.src","utm_medium":"current.mdm","utm_content":"current.cnt","utm_id":"current.id","utm_term":"current.trm","utm_source_platform":"current.plt","utm_creative_format":"current.fmt","utm_marketing_tactic":"current.tct","session_entry":"current_add.ep","session_start_time":"current_add.fd","session_pages":"session.pgs","session_count":"udata.vst","user_agent":"udata.uag"}};
//# sourceURL=wc-order-attribution-js-extra
</script>
<script id="wc-order-attribution-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=10.1.2"></script>
<script id="google-recaptcha-js" src="https://www.google.com/recaptcha/api.js?render=6LfjCWUrAAAAAFP-afrMFKNZRWgZfV-1YkF0ESCf&ver=3.0"></script>
<script id="wp-polyfill-js" src="https://eonhk.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0"></script>
<script id="wpcf7-recaptcha-js-before">
var wpcf7_recaptcha = {
"sitekey": "6LfjCWUrAAAAAFP-afrMFKNZRWgZfV-1YkF0ESCf",
"actions": {
"homepage": "homepage",
"contactform": "contactform"
}
};
//# sourceURL=wpcf7-recaptcha-js-before
</script>
<script id="wpcf7-recaptcha-js" src="https://eonhk.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=6.1.2"></script>
<script id="elementor-webpack-runtime-js" src="https://eonhk.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.26.0"></script>
<script id="elementor-frontend-modules-js" src="https://eonhk.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.26.0"></script>
<script id="jquery-ui-core-js" src="https://eonhk.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3"></script>
<script id="elementor-frontend-js-before">
var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false,"isScriptDebug":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","download":"Download","downloadImage":"Download image","fullscreen":"Fullscreen","zoom":"Zoom","share":"Share","playVideo":"Play Video","previous":"Previous","next":"Next","close":"Close","a11yCarouselPrevSlideMessage":"Previous slide","a11yCarouselNextSlideMessage":"Next slide","a11yCarouselFirstSlideMessage":"This is the first slide","a11yCarouselLastSlideMessage":"This is the last slide","a11yCarouselPaginationBulletMessage":"Go to slide"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"responsive":{"breakpoints":{"mobile":{"label":"Mobile Portrait","value":767,"default_value":767,"direction":"max","is_enabled":true},"mobile_extra":{"label":"Mobile Landscape","value":880,"default_value":880,"direction":"max","is_enabled":false},"tablet":{"label":"Tablet Portrait","value":1024,"default_value":1024,"direction":"max","is_enabled":true},"tablet_extra":{"label":"Tablet Landscape","value":1200,"default_value":1200,"direction":"max","is_enabled":false},"laptop":{"label":"Laptop","value":1366,"default_value":1366,"direction":"max","is_enabled":false},"widescreen":{"label":"Widescreen","value":2400,"default_value":2400,"direction":"min","is_enabled":false}},"hasCustomBreakpoints":false},"version":"3.26.0","is_static":false,"experimentalFeatures":{"e_font_icon_svg":true,"additional_custom_breakpoints":true,"container":true,"e_swiper_latest":true,"e_nested_atomic_repeaters":true,"e_onboarding":true,"e_css_smooth_scroll":true,"home_screen":true,"nested-elements":true,"editor_v2":true,"e_element_cache":true,"link-in-bio":true,"floating-buttons":true},"urls":{"assets":"https:\/\/eonhk.com\/wp-content\/plugins\/elementor\/assets\/","ajaxurl":"https:\/\/eonhk.com\/wp-admin\/admin-ajax.php","uploadUrl":"https:\/\/eonhk.com\/wp-content\/uploads"},"nonces":{"floatingButtonsClickTracking":"1aa6ad551f"},"swiperClass":"swiper","settings":{"page":[],"editorPreferences":[]},"kit":{"active_breakpoints":["viewport_mobile","viewport_tablet"],"global_image_lightbox":"yes","lightbox_enable_counter":"yes","lightbox_enable_fullscreen":"yes","lightbox_enable_zoom":"yes","lightbox_enable_share":"yes","lightbox_title_src":"title","lightbox_description_src":"description"},"post":{"id":18,"title":"Home%20-%20EON%20Rental%20Limited%20-%20Event%20Furniture%20Rental%20for%20Outdoor%20Event","excerpt":"","featuredImage":false}};
var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false,"isScriptDebug":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","download":"Download","downloadImage":"Download image","fullscreen":"Fullscreen","zoom":"Zoom","share":"Share","playVideo":"Play Video","previous":"Previous","next":"Next","close":"Close","a11yCarouselPrevSlideMessage":"Previous slide","a11yCarouselNextSlideMessage":"Next slide","a11yCarouselFirstSlideMessage":"This is the first slide","a11yCarouselLastSlideMessage":"This is the last slide","a11yCarouselPaginationBulletMessage":"Go to slide"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"responsive":{"breakpoints":{"mobile":{"label":"Mobile Portrait","value":767,"default_value":767,"direction":"max","is_enabled":true},"mobile_extra":{"label":"Mobile Landscape","value":880,"default_value":880,"direction":"max","is_enabled":false},"tablet":{"label":"Tablet Portrait","value":1024,"default_value":1024,"direction":"max","is_enabled":true},"tablet_extra":{"label":"Tablet Landscape","value":1200,"default_value":1200,"direction":"max","is_enabled":false},"laptop":{"label":"Laptop","value":1366,"default_value":1366,"direction":"max","is_enabled":false},"widescreen":{"label":"Widescreen","value":2400,"default_value":2400,"direction":"min","is_enabled":false}},"hasCustomBreakpoints":false},"version":"3.26.0","is_static":false,"experimentalFeatures":{"e_font_icon_svg":true,"additional_custom_breakpoints":true,"container":true,"e_swiper_latest":true,"e_nested_atomic_repeaters":true,"e_onboarding":true,"e_css_smooth_scroll":true,"home_screen":true,"nested-elements":true,"editor_v2":true,"e_element_cache":true,"link-in-bio":true,"floating-buttons":true},"urls":{"assets":"https:\/\/eonhk.com\/wp-content\/plugins\/elementor\/assets\/","ajaxurl":"https:\/\/eonhk.com\/wp-admin\/admin-ajax.php","uploadUrl":"https:\/\/eonhk.com\/wp-content\/uploads"},"nonces":{"floatingButtonsClickTracking":"1aa6ad551f"},"swiperClass":"swiper","settings":{"page":[],"editorPreferences":[]},"kit":{"active_breakpoints":["viewport_mobile","viewport_tablet"],"global_image_lightbox":"yes","lightbox_enable_counter":"yes","lightbox_enable_fullscreen":"yes","lightbox_enable_zoom":"yes","lightbox_enable_share":"yes","lightbox_title_src":"title","lightbox_description_src":"description"},"post":{"id":18,"title":"Home%20-%20EON%20Rental%20Limited%20-%20Event%20Furniture%20Rental%20for%20Outdoor%20Event","excerpt":"","featuredImage":false}};
//# sourceURL=elementor-frontend-js-before
</script>
<script id="elementor-frontend-js" src="https://eonhk.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.26.0"></script>
<script id="woodmart-theme-js-extra">
var woodmart_settings = {"menu_storage_key":"woodmart_7d44664c96aa7af30fa9803158f8f5b2","ajax_dropdowns_save":"1","photoswipe_close_on_scroll":"1","woocommerce_ajax_add_to_cart":"yes","variation_gallery_storage_method":"new","elementor_no_gap":"enabled","adding_to_cart":"Processing","added_to_cart":"Product was successfully added to your cart.","continue_shopping":"Continue shopping","view_cart":"View Cart","go_to_checkout":"Checkout","loading":"Loading...","countdown_days":"days","countdown_hours":"hr","countdown_mins":"min","countdown_sec":"sc","cart_url":"https://eonhk.com/cart/","ajaxurl":"https://eonhk.com/wp-admin/admin-ajax.php","add_to_cart_action":"widget","added_popup":"no","categories_toggle":"yes","enable_popup":"no","popup_delay":"2000","popup_event":"time","popup_scroll":"1000","popup_pages":"0","promo_popup_hide_mobile":"yes","product_images_captions":"no","ajax_add_to_cart":"1","all_results":"View all results","zoom_enable":"yes","ajax_scroll":"yes","ajax_scroll_class":".wd-page-content","ajax_scroll_offset":"100","infinit_scroll_offset":"300","product_slider_auto_height":"no","price_filter_action":"click","product_slider_autoplay":"","close":"Close (Esc)","share_fb":"Share on Facebook","pin_it":"Pin it","tweet":"Share on X","download_image":"Download image","off_canvas_column_close_btn_text":"Close","cookies_version":"1","header_banner_version":"1","promo_version":"1","header_banner_close_btn":"yes","header_banner_enabled":"no","whb_header_clone":"\n \u003Cdiv class=\"whb-sticky-header whb-clone whb-main-header \u003C%wrapperClasses%\u003E\"\u003E\n \u003Cdiv class=\"\u003C%cloneClass%\u003E\"\u003E\n \u003Cdiv class=\"container\"\u003E\n \u003Cdiv class=\"whb-flex-row whb-general-header-inner\"\u003E\n \u003Cdiv class=\"whb-column whb-col-left whb-visible-lg\"\u003E\n \u003C%.site-logo%\u003E\n \u003C/div\u003E\n \u003Cdiv class=\"whb-column whb-col-center whb-visible-lg\"\u003E\n \u003C%.wd-header-main-nav%\u003E\n \u003C/div\u003E\n \u003Cdiv class=\"whb-column whb-col-right whb-visible-lg\"\u003E\n \u003C%.wd-header-my-account%\u003E\n \u003C%.wd-header-search:not(.wd-header-search-mobile)%\u003E\n \u003C%.wd-header-wishlist%\u003E\n \u003C%.wd-header-compare%\u003E\n \u003C%.wd-header-cart%\u003E\n \u003C%.wd-header-fs-nav%\u003E\n \u003C/div\u003E\n \u003C%.whb-mobile-left%\u003E\n \u003C%.whb-mobile-center%\u003E\n \u003C%.whb-mobile-right%\u003E\n \u003C/div\u003E\n \u003C/div\u003E\n \u003C/div\u003E\n \u003C/div\u003E\n","pjax_timeout":"5000","split_nav_fix":"","shop_filters_close":"no","woo_installed":"1","base_hover_mobile_click":"no","centered_gallery_start":"1","quickview_in_popup_fix":"","one_page_menu_offset":"150","hover_width_small":"1","is_multisite":"","current_blog_id":"1","swatches_scroll_top_desktop":"no","swatches_scroll_top_mobile":"no","lazy_loading_offset":"0","add_to_cart_action_timeout":"no","add_to_cart_action_timeout_number":"3","single_product_variations_price":"no","google_map_style_text":"Custom style","quick_shop":"yes","sticky_product_details_offset":"150","sticky_product_details_different":"100","preloader_delay":"300","comment_images_upload_size_text":"Some files are too large. Allowed file size is 1 MB.","comment_images_count_text":"You can upload up to 3 images to your review.","single_product_comment_images_required":"no","comment_required_images_error_text":"Image is required.","comment_images_upload_mimes_text":"You are allowed to upload images only in png, jpeg formats.","comment_images_added_count_text":"Added %s image(s)","comment_images_upload_size":"1048576","comment_images_count":"3","search_input_padding":"no","comment_images_upload_mimes":{"jpg|jpeg|jpe":"image/jpeg","png":"image/png"},"home_url":"https://eonhk.com/","shop_url":"https://eonhk.com/shop/","age_verify":"no","banner_version_cookie_expires":"60","promo_version_cookie_expires":"7","age_verify_expires":"30","countdown_timezone":"GMT","cart_redirect_after_add":"no","swatches_labels_name":"no","product_categories_placeholder":"Select a category","product_categories_no_results":"No matches found","cart_hash_key":"wc_cart_hash_15479c8ef830bf73124f3999bdab52ae","fragment_name":"wc_fragments_15479c8ef830bf73124f3999bdab52ae","photoswipe_template":"\u003Cdiv class=\"pswp\" aria-hidden=\"true\" role=\"dialog\" tabindex=\"-1\"\u003E\u003Cdiv class=\"pswp__bg\"\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__scroll-wrap\"\u003E\u003Cdiv class=\"pswp__container\"\u003E\u003Cdiv class=\"pswp__item\"\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__item\"\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__item\"\u003E\u003C/div\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__ui pswp__ui--hidden\"\u003E\u003Cdiv class=\"pswp__top-bar\"\u003E\u003Cdiv class=\"pswp__counter\"\u003E\u003C/div\u003E\u003Cbutton class=\"pswp__button pswp__button--close\" title=\"Close (Esc)\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--share\" title=\"Share\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--fs\" title=\"Toggle fullscreen\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--zoom\" title=\"Zoom in/out\"\u003E\u003C/button\u003E\u003Cdiv class=\"pswp__preloader\"\u003E\u003Cdiv class=\"pswp__preloader__icn\"\u003E\u003Cdiv class=\"pswp__preloader__cut\"\u003E\u003Cdiv class=\"pswp__preloader__donut\"\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003Cdiv class=\"pswp__share-modal pswp__share-modal--hidden pswp__single-tap\"\u003E\u003Cdiv class=\"pswp__share-tooltip\"\u003E\u003C/div\u003E\u003C/div\u003E\u003Cbutton class=\"pswp__button pswp__button--arrow--left\" title=\"Previous (arrow left)\"\u003E\u003C/button\u003E \u003Cbutton class=\"pswp__button pswp__button--arrow--right\" title=\"Next (arrow right)\u003E\"\u003E\u003C/button\u003E\u003Cdiv class=\"pswp__caption\"\u003E\u003Cdiv class=\"pswp__caption__center\"\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E\u003C/div\u003E","load_more_button_page_url":"yes","load_more_button_page_url_opt":"yes","menu_item_hover_to_click_on_responsive":"no","clear_menu_offsets_on_resize":"yes","three_sixty_framerate":"60","three_sixty_prev_next_frames":"5","ajax_search_delay":"300","animated_counter_speed":"3000","site_width":"1222","cookie_secure_param":"1","cookie_path":"/","theme_dir":"https://eonhk.com/wp-content/themes/woodmart","slider_distortion_effect":"sliderWithNoise","current_page_builder":"elementor","collapse_footer_widgets":"yes","carousel_breakpoints":{"1025":"lg","768.98":"md","0":"sm"},"ajax_fullscreen_content":"yes","grid_gallery_control":"hover","grid_gallery_enable_arrows":"none","ajax_shop":"1","add_to_cart_text":"Add to cart","mobile_navigation_drilldown_back_to":"Back to %s","mobile_navigation_drilldown_back_to_main_menu":"Back to menu","mobile_navigation_drilldown_back_to_categories":"Back to categories","tooltip_left_selector":".wd-buttons[class*=\"wd-pos-r\"] .wd-action-btn, .wd-portfolio-btns .portfolio-enlarge","tooltip_top_selector":".wd-tooltip, .wd-buttons:not([class*=\"wd-pos-r\"]) \u003E .wd-action-btn, body:not(.catalog-mode-on):not(.login-see-prices) .wd-hover-base .wd-bottom-actions .wd-action-btn.wd-style-icon, .wd-hover-base .wd-compare-btn, body:not(.logged-in) .wd-review-likes a","ajax_links":".wd-nav-product-cat a, .wd-page-wrapper .widget_product_categories a, .widget_layered_nav_filters a, .woocommerce-widget-layered-nav a, .filters-area:not(.custom-content) a, body.post-type-archive-product:not(.woocommerce-account) .woocommerce-pagination a, body.tax-product_cat:not(.woocommerce-account) .woocommerce-pagination a, .wd-shop-tools a:not([rel=\"v:url\"]), .woodmart-woocommerce-layered-nav a, .woodmart-price-filter a, .wd-clear-filters a, .woodmart-woocommerce-sort-by a, .woocommerce-widget-layered-nav-list a, .wd-widget-stock-status a, .widget_nav_mega_menu a, .wd-products-shop-view a, .wd-products-per-page a, .category-grid-item a, .wd-cat a, body[class*=\"tax-pa_\"] .woocommerce-pagination a","wishlist_expanded":"no","wishlist_show_popup":"","wishlist_page_nonce":"275e1861c3","wishlist_fragments_nonce":"88a10f3122","wishlist_remove_notice":"Do you really want to remove these products?","wishlist_hash_name":"woodmart_wishlist_hash_1a7636156c1a70825864e2c7f8479b5e","wishlist_fragment_name":"woodmart_wishlist_fragments_1a7636156c1a70825864e2c7f8479b5e","wishlist_save_button_state":"no","is_criteria_enabled":"","summary_criteria_ids":"","review_likes_tooltip":"Please log in to rate reviews.","vimeo_library_url":"https://eonhk.com/wp-content/themes/woodmart/js/libs/vimeo-player.min.js","compare_by_category":"no","compare_page_nonce":"42b3960fd8","compare_save_button_state":"no","reviews_criteria_rating_required":"no","is_rating_summary_filter_enabled":""};
var woodmart_page_css = {"wd-helpers-wpb-elem-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/helpers-wpb-elem.min.css","wd-widget-recent-post-comments-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css","wd-widget-wd-recent-posts-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-wd-recent-posts.min.css","wd-widget-nav-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/widget-nav.min.css","wd-widget-wd-layered-nav-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-wd-layered-nav.min.css","wd-woo-mod-swatches-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-base.min.css","wd-woo-mod-swatches-filter-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-swatches-filter.min.css","wd-widget-product-cat-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-cat.min.css","wd-widget-product-list-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-product-list.min.css","wd-wpcf7-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-wpcf7.min.css","wd-revolution-slider-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css","wd-woo-paypal-payments-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-woo-paypal-payments.min.css","wd-elementor-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/int-elem-base.min.css","wd-woocommerce-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woocommerce-base.min.css","wd-mod-star-rating-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-star-rating.min.css","wd-woo-el-track-order-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-el-track-order.min.css","wd-woocommerce-block-notices-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-block-notices.min.css","wd-wp-blocks-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wp-blocks.min.css","wd-header-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-base.min.css","wd-mod-tools-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-tools.min.css","wd-header-elements-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-base.min.css","wd-social-icons-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-social-icons.min.css","wd-header-search-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search.min.css","wd-header-search-form-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-search-form.min.css","wd-wd-search-results-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-results.min.css","wd-wd-search-form-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-form.min.css","wd-wd-search-cat-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/wd-search-cat.min.css","wd-header-my-account-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-my-account.min.css","wd-header-cart-side-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart-side.min.css","wd-header-cart-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-cart.min.css","wd-widget-shopping-cart-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-widget-shopping-cart.min.css","wd-header-mobile-nav-dropdown-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-mobile-nav-dropdown.min.css","wd-header-categories-nav-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/header-el-category-nav.min.css","wd-mod-nav-vertical-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical.min.css","wd-mod-nav-vertical-design-default-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-nav-vertical-design-default.min.css","wd-button-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-button.min.css","wd-section-title-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-section-title.min.css","wd-el-subtitle-style-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-subtitle-style.min.css","wd-categories-loop-center-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-center-old.min.css","wd-woo-categories-loop-layout-masonry-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-layout-masonry.min.css","wd-woo-categories-loop-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop.min.css","wd-categories-loop-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-categories-loop-old.min.css","wd-tabs-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-tabs.min.css","wd-product-tabs-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-product-tabs.min.css","wd-sticky-loader-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-sticky-loader.min.css","wd-product-loop-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop.min.css","wd-product-loop-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-product-loop-base.min.css","wd-woo-mod-add-btn-replace-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-add-btn-replace.min.css","wd-mod-more-description-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-more-description.min.css","wd-woo-mod-product-labels-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels.min.css","wd-woo-mod-product-labels-round-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/woo-mod-product-labels-round.min.css","wd-mfp-popup-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css","wd-swiper-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper.min.css","wd-slider-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-slider.min.css","wd-animations-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/mod-animations-transform.min.css","wd-info-box-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-info-box.min.css","wd-swiper-arrows-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-arrows.min.css","wd-swiper-pagin-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/lib-swiper-pagin.min.css","wd-text-block-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-text-block.min.css","wd-blog-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-base.min.css","wd-blog-loop-base-old-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-base-old.min.css","wd-blog-loop-design-masonry-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/blog-loop-design-masonry.min.css","wd-image-gallery-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-gallery.min.css","wd-widget-collapse-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-widget-collapse.min.css","wd-footer-base-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/footer-base.min.css","wd-list-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list.min.css","wd-el-list-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/el-list-wpb-elem.min.css","wd-scroll-top-css":"https://eonhk.com/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css"};
//# sourceURL=woodmart-theme-js-extra
</script>
<script id="woodmart-theme-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=8.0.4"></script>
<script id="wd-woocommerce-notices-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=8.0.4"></script>
<script id="wd-header-builder-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=8.0.4"></script>
<script id="wd-autocomplete-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/autocomplete.min.js?ver=8.0.4"></script>
<script id="wd-ajax-search-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/ajaxSearch.min.js?ver=8.0.4"></script>
<script id="wd-simple-dropdown-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/simpleDropdown.min.js?ver=8.0.4"></script>
<script id="wd-login-dropdown-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/loginDropdown.min.js?ver=8.0.4"></script>
<script id="wd-wishlist-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/wishlist.min.js?ver=8.0.4"></script>
<script id="wd-compare-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/woodmartCompare.min.js?ver=8.0.4"></script>
<script id="wd-on-remove-from-cart-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/onRemoveFromCart.min.js?ver=8.0.4"></script>
<script id="wd-header-categories-menu-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/headerCategoriesMenu.min.js?ver=8.0.4"></script>
<script id="wd-menu-offsets-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=8.0.4"></script>
<script id="wd-menu-setup-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=8.0.4"></script>
<script id="imagesloaded-js" src="https://eonhk.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0"></script>
<script id="wd-isotope-bundle-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/isotope-bundle.min.js?ver=8.0.4"></script>
<script id="wd-shop-masonry-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/shopMasonry.min.js?ver=8.0.4"></script>
<script id="wd-products-tabs-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productsTabs.min.js?ver=8.0.4"></script>
<script id="wd-quick-shop-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/quickShop.min.js?ver=8.0.4"></script>
<script id="wd-swatches-variations-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/swatchesVariations.min.js?ver=8.0.4"></script>
<script id="wd-add-to-cart-all-types-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/addToCartAllTypes.min.js?ver=8.0.4"></script>
<script id="underscore-js" src="https://eonhk.com/wp-includes/js/underscore.min.js?ver=1.13.8"></script>
<script id="wp-util-js-extra">
var _wpUtilSettings = {"ajax":{"url":"/wp-admin/admin-ajax.php"}};
//# sourceURL=wp-util-js-extra
</script>
<script id="wp-util-js" src="https://eonhk.com/wp-includes/js/wp-util.min.js?ver=7.0"></script>
<script id="wc-add-to-cart-variation-js-extra">
var wc_add_to_cart_variation_params = {"wc_ajax_url":"/?wc-ajax=%%endpoint%%","i18n_no_matching_variations_text":"Sorry, no products matched your selection. Please choose a different combination.","i18n_make_a_selection_text":"Please select some product options before adding this product to your cart.","i18n_unavailable_text":"Sorry, this product is unavailable. Please choose a different combination.","i18n_reset_alert_text":"Your selection has been reset. Please select some product options before adding this product to your cart."};
//# sourceURL=wc-add-to-cart-variation-js-extra
</script>
<script data-wp-strategy="defer" defer id="wc-add-to-cart-variation-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=10.1.2"></script>
<script id="wd-product-hover-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productHover.min.js?ver=8.0.4"></script>
<script id="wd-product-more-description-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productMoreDescription.min.js?ver=8.0.4"></script>
<script id="wd-btns-tooltips-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/btnsToolTips.min.js?ver=8.0.4"></script>
<script id="wd-tooltips-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/tooltips.min.js?ver=8.0.4"></script>
<script id="wd-action-after-add-to-cart-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/actionAfterAddToCart.min.js?ver=8.0.4"></script>
<script id="wd-swiper-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/swiper.min.js?ver=8.0.4"></script>
<script id="wd-swiper-carousel-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/swiperInit.min.js?ver=8.0.4"></script>
<script id="wd-magnific-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=8.0.4"></script>
<script id="wd-product-images-gallery-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/productImagesGallery.min.js?ver=8.0.4"></script>
<script id="wd-quick-view-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/quickView.min.js?ver=8.0.4"></script>
<script id="wd-woocommerce-quantity-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/woocommerceQuantity.min.js?ver=8.0.4"></script>
<script id="wd-slider-element-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/elements/slider.min.js?ver=8.0.4"></script>
<script id="wd-waypoints-library-js" src="https://eonhk.com/wp-content/themes/woodmart/js/libs/waypoints.min.js?ver=8.0.4"></script>
<script id="wd-animations-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/animations.min.js?ver=8.0.4"></script>
<script id="wd-widget-collapse-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/widgetCollapse.min.js?ver=8.0.4"></script>
<script id="wd-mfp-popup-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/mfpPopup.min.js?ver=8.0.4"></script>
<script id="wd-scroll-top-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=8.0.4"></script>
<script id="wd-mobile-navigation-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=8.0.4"></script>
<script id="wd-cart-widget-js" src="https://eonhk.com/wp-content/themes/woodmart/js/scripts/wc/cartWidget.min.js?ver=8.0.4"></script>
<script id="wc-cart-fragments-js-extra">
var wc_cart_fragments_params = {"ajax_url":"/wp-admin/admin-ajax.php","wc_ajax_url":"/?wc-ajax=%%endpoint%%","cart_hash_key":"wc_cart_hash_15479c8ef830bf73124f3999bdab52ae","fragment_name":"wc_fragments_15479c8ef830bf73124f3999bdab52ae","request_timeout":"5000"};
//# sourceURL=wc-cart-fragments-js-extra
</script>
<script data-wp-strategy="defer" defer id="wc-cart-fragments-js" src="https://eonhk.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=10.1.2"></script>
<script>
SR7.JSON['woodmart-main-slider'] = {"settings":{"id":"woodmart-main-slider","migrated":"sr6","uSize":[false,true,true,true,true],"title":"Main slider","alias":"main-slider","type":"standard","lazyLoad":"smart","vPort":["20%","20%","20%","20%","20%"],"size":{"fullHeightOffset":",","contentFH":true,"width":[1240,1240,1024,778,480],"height":[495,495,476,500,700],"cachedHeight":[495,495,476,500,700],"maxWidth":"","p":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]},"m":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]}},"default":{"len":"9000"},"carousel":{"type":"h","align":"center","maxV":3,"justify":false,"scale":false,"minS":50,"vScale":false,"oScale":false,"space":"0","rotation":false,"maxR":"0","varR":false,"opacity":true,"maxO":100,"varO":false,"spin":"off","spinA":0,"snap":true,"infinity":false,"skewX":0,"skewY":0,"ease":"power3.inOut","dur":"800","overshoot":false,"stretch":false,"showAllLayers":false,"jMWidth":false,"bR":"0","bRU":"px","pNV":"50px","pT":"0","pB":"0"},"pLoader":{"color":"#FFFFFF","type":"0"},"slideshow":{"sOH":true,"initDelay":"0"},"general":{"perspectiveType":"local","lazyLoad":"smart","slideshow":{"globalViewPort":"true","globalViewDist":"-200px"}},"shdw":"0","bg":{"color":{"type":"solid","orig":"#f8f8f8","string":"rgba(248, 248, 248, 1)"}},"mod":{"use":true,"dOM":true,"d3d":27.5,"t":"mouse"},"nav":{"m":{"use":false,"cd":1000},"s":{"use":true,"desk":true,"t":"50"},"p":{"w":"100","h":"50"},"arrows":{"set":true,"def":{"bg-color":{"title":"Background","type":"color","data":"#ffffff"},"size":{"title":"Size","type":"custom","data":"60"},"padding":{"title":"Padding","type":"custom","data":"10"},"arrow-color":{"title":"Arrow-Color","type":"color","data":"#000000"},"bg-hover-color":{"title":"Hover-Background","type":"color","data":"rgba(255,255,255,0.75)"}},"cst":{"padding-def":true,"padding":"3","size-def":true,"size":"45","bg-color":"#ffffff","bg-color-def":false,"arrow-color":"#000000","arrow-color-def":false,"bg-hover-color":"rgba(255,255,255,0.75)","bg-hover-color-def":false},"key":"metis","t":1011,"m":"hslide","css":".metis.sr7-arrows {\n background:##bg-color##;\n padding:##padding##px;\n transition:all 0.3s;\n -webkit-transition:all 0.3s;\n width:##size##px;\n height:##size##px;\n box-sizing:border-box;\n }\n \n .metis.sr7-arrows.sr7-touchhover {\n background:##bg-hover-color##;\n }\n \n .metis.sr7-arrows:before {\n color:##arrow-color##; \n transition:all 0.3s;\n -webkit-transition:all 0.3s;\n }\n \n .metis.sr7-arrows.sr7-touchhover:before {\n transform:scale(1.5);\n }\n ","html":"","ps":"arrow-size","on":true,"s":1000,"dIn":["#a",1000,"#a","#a","#a"],"dOut":["#a",200,"#a","#a","1200"],"show":[true,true,true,false,false],"l":{"a":"slider","anim":"fade","x":["#a","20","#a","#a","#a"],"y":["#a","0","#a","#a","#a"],"v":["#a","center","#a","#a","#a"],"h":["#a","left","#a","#a","#a"]},"r":{"a":"slider","anim":"fade","x":["#a","20","#a","#a","#a"],"y":["#a","0","#a","#a","#a"],"v":["#a","center","#a","#a","#a"],"h":["#a","right","#a","#a","#a"]}},"bullets":{"set":true,"def":{"bullet-size":{"title":"Bullet-Size","type":"custom","data":"16"},"bullet-color":{"title":"Bullet-Color","type":"color","data":"#ffffff"},"border":{"title":"Border-Thickness","type":"custom","data":"2"},"bullet-hover":{"title":"Hover-Bullet","type":"color","data":"rgba(0,0,0,0.21)"}},"cst":{"bullet-size":"16","bullet-size-def":false,"bullet-color":"#ffffff","bullet-color-def":false,"border":"2","border-def":false,"bullet-hover":"rgba(0,0,0,0.21)","bullet-hover-def":false},"key":"hermes","t":3005,"css":".hermes.sr7-bullets {\n}\n\n.hermes .sr7-bullet {\n overflow:hidden;\n border-radius:50%;\n width:##bullet-size##px;\n height:##bullet-size##px;\n background-color: rgba(0, 0, 0, 0);\n box-shadow: inset 0 0 0 ##border##px ##bullet-color##;\n -webkit-transition: background 0.3s ease;\n transition: background 0.3s ease;\n position:absolute;\n}\n\n.hermes .sr7-bullet.sr7-touchhover {\n\t background-color: ##bullet-hover##;\n}\n.hermes .sr7-bullet:after {\n content: ' ';\n position: absolute;\n bottom: 0;\n height: 0;\n left: 0;\n width: 100%;\n background-color: ##bullet-color##;\n box-shadow: 0 0 1px ##bullet-color##;\n -webkit-transition: height 0.3s ease;\n transition: height 0.3s ease;\n}\n.hermes .sr7-bullet.selected:after {\n height:100%;\n}\n","html":"","on":true,"d":["#a","horizontal","#a","#a","#a"],"ps":"arrow-size","s":1000,"dIn":["#a",1000,"#a","#a","#a"],"dOut":["#a",200,"#a","#a","1200"],"show":[true,true,true,true,true],"g":5,"a":"slider","anim":"fade","x":["#a","0","#a","#a","#a"],"y":["#a","20","#a","#a","#a"],"v":["#a","bottom","#a","#a","#a"],"h":["#a","center","#a","#a","#a"]}},"aU":[],"imgs":[{"lib_id":14064,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2026\/06\/Website-Bannar.jpg"},{"lib_id":13607,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/wwwwwww-1-02.jpg"},{"lib_id":13606,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/rwrwrw-02.jpg"},{"lib_id":13605,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/eeeee-02.jpg"},{"lib_id":13604,"lib":"medialibrary","src":"https:\/\/eonhk.com\/wp-content\/uploads\/2025\/10\/fffff-1-02.jpg"}],"codes":{"css":"","js":""},"version":"6.7.20"},"slides":{"1":{"id":1,"slide":{"addOns":[],"id":1,"version":"6.7.18","title":"Slide","parentId":null,"language":"default","order":1,"thumb":{"src":"","srcId":"","admin":"","adminId":"","dimension":"slider","default":{"color":"rgba(248, 248, 248, 1)"}},"description":"","attr":{"class":"","data":"","id":"","a":"","aO":"ml","t":"","tO":"","deepLink":"","attr":""},"publish":{"from":"","to":"","state":""},"slideshow":{"stop":false,"len":"default","hal":0,"hom":false,"hfn":false},"loop":{"u":false,"r":-1,"s":0,"e":99999}},"layers":{"6":{"fluid":{"tx":true,"tr":true,"sp":true},"id":6,"alias":"Image-6","content":{"src":"https:\/\/eonhk.com\/wp-content\/uploads\/2026\/06\/Website-Bannar.jpg","lib":"medialibrary","lib_id":14064,"size":"100% 100%"},"size":{"w":["1030px","1030px","850px","645px","397px"],"h":["515px","515px","425px","322px","198px"],"minW":["none","none","none","none","none"],"minH":["none","none","none","none","none"],"sProp":true},"pos":{"x":["297px","297px","245px","186px","114px"],"y":["auto","auto","auto","auto","auto"],"pos":"absolute","float":["none","none","none","none","none"],"clear":["none","none","none","none","none"]},"zIndex":6,"order":6,"display":["block","block","block","block","block"],"vA":"top","bg":{"color":{"orig":"transparent","type":"solid","string":"transparent"}},"attr":{"aO":"ml","tO":"ml"},"tl":{"in":{"content":{"pers":"600px","orig":{"x":"50%","y":"50%","z":"0"},"all":[{"t":0,"d":0,"f":0,"e":"power3.inOut","pE":"d","x":[0,0,0,0,0],"y":[0,0,0,0,0],"o":0,"xRe":0,"yRe":0,"off":0},{"t":0,"d":300,"f":300,"e":"power3.inOut","pE":"d","x":[0,0,0,0,0],"y":[0,0,0,0,0],"o":1,"xRe":0,"yRe":0,"off":0}]}},"out":{"content":{"pers":"600px","orig":{"x":"50%","y":"50%","z":"0"},"all":[{"t":0,"d":300,"f":300,"e":"power3.inOut","pE":"n","x":["inherit","inherit","inherit","inherit","inherit"],"y":["inherit","inherit","inherit","inherit","inherit"],"o":0,"xRe":0,"yRe":0,"off":0}]}}},"p":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]},"m":{"t":[0,0,0,0,0],"b":[0,0,0,0,0],"l":[0,0,0,0,0],"r":[0,0,0,0,0]},"type":"image"},"7":{"rTo":"slide","id":7,"alias":"Slide BG Layer","subtype":"slidebg","size":{"cMode":"cover"},"pos":{"h":["center","center","center","center","center"],"v":["center","center","center","center","center"],"pos":"absolute"},"zIndex":0,"order":0,"display":["block","block","block","block","block"],"bg":{"color":{"type":"solid","orig":"#f8f8f8","string":"rgba(248, 248, 248, 1)"}},"tl":{"in":{"bg":{"ms":600,"rnd":false,"temp":{"t":"*opacity* Fade In","p":"fade","m":"basic","g":"fade"},"addOns":[],"in":{"o":0},"out":{"a":false}}}},"type":"shape"}}},"9":{"id":9,"slide":{"addOns":[],"id":9,"version":"6.7.20","title":"Slide","parentId":null,"language":"default","order":2,"thumb":{"src":"","srcId":"","admin":"","adminId":"","dimension":"slider","default":{"color":"rgba(248, 248, 248, 1)"}},"description":"","attr":{"class":"","data":"","id":"","a":"","aO":"ml","t":"","tO":"","deepLink":"","attr":""},"publish":{"from":"","to":"","state":""},"slideshow":{"stop":false,"len":"default","hal":0,"hom":false,"hfn":false},"loop":{"u":false,"r":-1,"s":0,"e":99999}},"layers":[]},"3":{"id":3,"slide":{"addOns":[],"id":3,"version":"6.7.18","title":"Slide","parentId":null,"language":"default","order":3,"thumb":{"src":"","srcId":"","admin":"","adminId":"","dimension":"slider","default":{"color":"rgba(248, 248, 248, 1)"}},"description":"","attr":{"class":"","data":"","id":"","a":"","aO":"ml","t":"","tO":"","deepLink":"","attr":""},"publish":{"from":"","to":"","state":""},"slideshow":{"stop":false,"len":"default","hal":0,"hom":false,"hfn":false},"loop":{"u":false,"r":-1,"s":0,"e":99999}},"layers":[]},"4":{"id":"4","slide":{"addOns":[],"id":4,"version":"6.7.18","title":"Global Layers","parentId":null,"language":"default","oflow":false,"global":true,"respVP":true,"pos":"front","fullHeight":true},"layers":[]}},"id":"1","addOns":[]};
if (SR7.F.init) SR7.F.init(); // DOUBLE CALL NOT A PROBLEM, MANAGED IN INIT
document.addEventListener('DOMContentLoaded', function() {if (SR7.F.init) SR7.F.init(); else SR7.shouldBeInited = true;});
window.addEventListener('load', function() {if (SR7.F.init) SR7.F.init(); else SR7.shouldBeInited = true; });
SR7.E.v6v7ids ??= {}
SR7.E.v6v7ids = JSON.parse('{\"n\":{\"1\":1,\"2\":2,\"3\":3,\"4\":5,\"8\":9,\"15\":18},\"s\":{\"1\":4}}');
</script>
</body>
</html>
--9b36bd08-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_9b23512a6386ba95383618e35feb279fd7a0a60e"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_9b23512a6386ba95383618e35feb279fd7a0a60e"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/index.php"] [unique_id "akUl41ARN0ItUDdAEIz26AAAAQk"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/eonhk.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1782916579756708 5081951 (- - -)
Stopwatch2: 1782916579756708 5081951; combined=8758467, p1=373, p2=4787, p3=86, p4=14756, p5=4369255, sr=132, sw=1, l=0, gc=4369209
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
WebApp-Info: "default" "1756197464" "-"
Engine-Mode: "ENABLED"
--9b36bd08-Z--
--06a51115-A--
[01/Jul/2026:14:36:24.838938 +0000] akUl5FARN0ItUDdAEIz2-gAAARc 113.10.222.11 54166 172.26.37.160 7081
--06a51115-B--
GET /wp-content/themes/woodmart/css/parts/lib-swiper.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 113.10.222.11
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua-platform: "Windows"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36 Edg/149.0.0.0
sec-ch-ua: "Microsoft Edge";v="149", "Chromium";v="149", "Not)A;Brand";v="24"
sec-ch-ua-mobile: ?0
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=0
cookie: _ga=GA1.1.1427380917.1756197464; hide-bg-blur-effect=true; __stripe_mid=5efb77c4-ccc0-453d-8c15-016a1a85644aff9c97; _gcl_au=1.1.403623478.1779873444; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2026-06-29%2004%3A06%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_first_add=fd%3D2026-06-29%2004%3A06%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F149.0.0.0%20Safari%2F537.36%20Edg%2F149.0.0.0; woodmart_recently_viewed_products=10192; _ga_JWZNZZ0JR8=GS2.1.s1782705979$o106$g1$t1782706007$j32$l0$h138627116
--06a51115-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/css/parts/lib-swiper.min.css
Content-Length: 0
Content-Type: text/css
--06a51115-E--
--06a51115-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_9b23512a6386ba95383618e35feb279fd7a0a60e"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_9b23512a6386ba95383618e35feb279fd7a0a60e"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/lib-swiper.min.css"] [unique_id "akUl5FARN0ItUDdAEIz2-gAAARc"]
Stopwatch: 1782916580950795 3888267 (- - -)
Stopwatch2: 1782916580950795 3888267; combined=7550675, p1=289, p2=222560, p3=45, p4=19, p5=3663896, sr=93, sw=0, l=0, gc=3663866
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
WebApp-Info: "default" "1756197464" "-"
Engine-Mode: "ENABLED"
--06a51115-Z--
--5d835235-A--
[01/Jul/2026:14:36:24.842362 +0000] akUl5fellgjTnFA9ZpU@pwAAAA0 113.10.222.11 54100 172.26.37.160 7081
--5d835235-B--
GET /wp-content/themes/woodmart/css/parts/mod-sticky-loader.min.css?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 113.10.222.11
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua-platform: "Windows"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36 Edg/149.0.0.0
sec-ch-ua: "Microsoft Edge";v="149", "Chromium";v="149", "Not)A;Brand";v="24"
sec-ch-ua-mobile: ?0
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://eonhk.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=0
cookie: _ga=GA1.1.1427380917.1756197464; hide-bg-blur-effect=true; __stripe_mid=5efb77c4-ccc0-453d-8c15-016a1a85644aff9c97; _gcl_au=1.1.403623478.1779873444; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2026-06-29%2004%3A06%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_first_add=fd%3D2026-06-29%2004%3A06%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F149.0.0.0%20Safari%2F537.36%20Edg%2F149.0.0.0; woodmart_recently_viewed_products=10192; _ga_JWZNZZ0JR8=GS2.1.s1782705979$o106$g1$t1782706007$j32$l0$h138627116
--5d835235-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
Last-Modified: Tue, 10 Dec 2024 10:29:06 GMT
ETag: "168-628e7f3606080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 221
Content-Type: text/css
--5d835235-E--
--5d835235-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_9b23512a6386ba95383618e35feb279fd7a0a60e"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_9b23512a6386ba95383618e35feb279fd7a0a60e"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/css/parts/mod-sticky-loader.min.css"] [unique_id "akUl5fellgjTnFA9ZpU@pwAAAA0"]
Stopwatch: 1782916581228039 3614431 (- - -)
Stopwatch2: 1782916581228039 3614431; combined=7077734, p1=864, p2=98095, p3=42, p4=15, p5=3489372, sr=112, sw=0, l=0, gc=3489346
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
WebApp-Info: "default" "1756197464" "-"
Engine-Mode: "ENABLED"
--5d835235-Z--
--b209eb19-A--
[01/Jul/2026:14:36:36.345609 +0000] akUl9OD-iiE84k1CU8wlbwAAAJc 104.22.24.101 47690 172.26.37.160 7081
--b209eb19-B--
GET /products/2754970994591?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.24.101
X-Forwarded-For: 2a03:2880:f806:47::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a14624d668072643-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:47::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--b209eb19-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b209eb19-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/products/2754970994591"] [unique_id "akUl9OD-iiE84k1CU8wlbwAAAJc"]
Action: Intercepted (phase 1)
Stopwatch: 1782916596344650 1030 (- - -)
Stopwatch2: 1782916596344650 1030; combined=271, p1=208, p2=0, p3=0, p4=0, p5=62, sr=97, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b209eb19-Z--
--ea20664a-A--
[01/Jul/2026:14:38:29.718869 +0000] akUmZOD-iiE84k1CU8wlpQAAAIA 113.10.222.11 47630 172.26.37.160 7081
--ea20664a-B--
GET /wp-content/themes/woodmart/js/scripts/elements/accordion.min.js?ver=8.0.4 HTTP/1.1
Host: eonhk.com
X-Real-IP: 113.10.222.11
X-Accel-Internal: /internal-nginx-static-location
sec-ch-ua-platform: "Windows"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36 Edg/149.0.0.0
sec-ch-ua: "Microsoft Edge";v="149", "Chromium";v="149", "Not)A;Brand";v="24"
sec-ch-ua-mobile: ?0
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://eonhk.com/product/baltas-r-stool/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=2
cookie: _ga=GA1.1.1427380917.1756197464; hide-bg-blur-effect=true; __stripe_mid=5efb77c4-ccc0-453d-8c15-016a1a85644aff9c97; _gcl_au=1.1.403623478.1779873444; sbjs_migrations=1418474375998%3D1; sbjs_first_add=fd%3D2026-06-29%2004%3A06%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dbing.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; woodmart_recently_viewed_products=10192; sbjs_current_add=fd%3D2026-07-01%2014%3A36%3A23%7C%7C%7Cep%3Dhttps%3A%2F%2Feonhk.com%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fwww.bing.com%2F; sbjs_udata=vst%3D2%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F149.0.0.0%20Safari%2F537.36%20Edg%2F149.0.0.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Feonhk.com%2F; _ga_JWZNZZ0JR8=GS2.1.s1782916583$o107$g1$t1782916709$j58$l0$h619977018
--ea20664a-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/themes/woodmart/js/scripts/elements/accordion.min.js
Content-Length: 0
Content-Type: application/javascript
--ea20664a-E--
--ea20664a-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_ae2de548acc5f7bfee66f1eca77784a02a802ddd"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "213.110.253.188_ae2de548acc5f7bfee66f1eca77784a02a802ddd"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/themes/woodmart/js/scripts/elements/accordion.min.js"] [unique_id "akUmZOD-iiE84k1CU8wlpQAAAIA"]
Stopwatch: 1782916708109110 1609884 (- - -)
Stopwatch2: 1782916708109110 1609884; combined=3133767, p1=480, p2=18105, p3=49, p4=23, p5=1560870, sr=104, sw=1, l=0, gc=1554239
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
WebApp-Info: "default" "1756197464" "-"
Engine-Mode: "ENABLED"
--ea20664a-Z--
--aa701808-A--
[01/Jul/2026:14:48:04.879823 +0000] akUopPellgjTnFA9ZpVAFAAAABI 104.23.225.93 57326 172.26.37.160 7081
--aa701808-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: www.airvenushk.com
X-Real-IP: 104.23.225.93
X-Forwarded-For: 194.163.131.55
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWRtaW46YWRtaW5fMQ==
accept: application/json
user-agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
accept-encoding: gzip, br
cf-ray: a14635a40cd18f0a-CDG
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 194.163.131.55
cf-ipcountry: FR
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--aa701808-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--aa701808-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akUopPellgjTnFA9ZpVAFAAAABI"]
Action: Intercepted (phase 2)
Stopwatch: 1782917284877158 2787 (- - -)
Stopwatch2: 1782917284877158 2787; combined=1419, p1=755, p2=614, p3=0, p4=0, p5=49, sr=81, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aa701808-Z--
--21466f06-A--
[01/Jul/2026:14:49:25.474680 +0000] akUo9fellgjTnFA9ZpVAKAAAABM 104.22.24.101 34770 172.26.37.160 7081
--21466f06-B--
GET /products/1561827571440?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.24.101
X-Forwarded-For: 2a03:2880:f806:15::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a146379d7fa5483f-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:15::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--21466f06-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--21466f06-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/products/1561827571440"] [unique_id "akUo9fellgjTnFA9ZpVAKAAAABM"]
Action: Intercepted (phase 1)
Stopwatch: 1782917365473753 1013 (- - -)
Stopwatch2: 1782917365473753 1013; combined=245, p1=193, p2=0, p3=0, p4=0, p5=52, sr=66, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--21466f06-Z--
--a3dbf527-A--
[01/Jul/2026:14:53:28.413851 +0000] akUp6FARN0ItUDdAEIz40QAAAQQ 172.70.207.49 33978 172.26.37.160 7081
--a3dbf527-B--
GET /wp-json/wp/v2/users/me HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.70.207.49
X-Forwarded-For: 39.97.110.217
X-Accel-Internal: /internal-nginx-static-location
authorization: Basic YWlyLXZlbnVzOmFpci12ZW51czIzNA==
accept: application/json
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0
accept-encoding: gzip, br
cf-ray: a1463d899caacba7-LAX
accept-language: en-US,en;q=0.9
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 39.97.110.217
cf-ipcountry: CN
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a3dbf527-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a3dbf527-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "airvenushk.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akUp6FARN0ItUDdAEIz40QAAAQQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782917608411013 2926 (- - -)
Stopwatch2: 1782917608411013 2926; combined=1421, p1=784, p2=575, p3=0, p4=0, p5=61, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a3dbf527-Z--
--3066df71-A--
[01/Jul/2026:14:54:31.839067 +0000] akUqJ-ellgjTnFA9ZpVBHwAAAAs 43.129.169.161 49558 172.26.37.160 7080
--3066df71-B--
HEAD /Core/Skin/Login.aspx HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 43.129.169.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: no-cache
Pragma: no-cache
Proxy-Connection: keep-alive
--3066df71-F--
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=iso-8859-1
--3066df71-H--
Message: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||18.142.40.148|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "18.142.40.148"] [uri "/Core/Skin/Login.aspx"] [unique_id "akUqJ-ellgjTnFA9ZpVBHwAAAAs"]
Action: Intercepted (phase 2)
Stopwatch: 1782917671837209 1911 (- - -)
Stopwatch2: 1782917671837209 1911; combined=711, p1=317, p2=310, p3=0, p4=0, p5=83, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3066df71-Z--
--33e3223a-A--
[01/Jul/2026:14:55:08.311778 +0000] akUqTPellgjTnFA9ZpVBMwAAAA0 172.68.242.120 38370 172.26.37.160 7081
--33e3223a-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1463ffcdce19c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--33e3223a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--33e3223a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUqTPellgjTnFA9ZpVBMwAAAA0"]
Action: Intercepted (phase 2)
Stopwatch: 1782917708308198 3670 (- - -)
Stopwatch2: 1782917708308198 3670; combined=1803, p1=317, p2=1286, p3=0, p4=0, p5=127, sr=74, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--33e3223a-Z--
--31759671-A--
[01/Jul/2026:14:55:35.963432 +0000] akUqZ-ellgjTnFA9ZpVBTgAAAAA 202.46.68.177 34416 172.26.37.160 7081
--31759671-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--31759671-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--31759671-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUqZ-ellgjTnFA9ZpVBTgAAAAA"]
Action: Intercepted (phase 2)
Stopwatch: 1782917735959421 4068 (- - -)
Stopwatch2: 1782917735959421 4068; combined=1558, p1=342, p2=988, p3=0, p4=0, p5=164, sr=75, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--31759671-Z--
--a9dcb815-A--
[01/Jul/2026:14:56:01.994583 +0000] akUqgfellgjTnFA9ZpVBagAAAAQ 172.68.242.120 39950 172.26.37.160 7081
--a9dcb815-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a146414c5ba29c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a9dcb815-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a9dcb815-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUqgfellgjTnFA9ZpVBagAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782917761991153 3511 (- - -)
Stopwatch2: 1782917761991153 3511; combined=2186, p1=922, p2=1091, p3=0, p4=0, p5=112, sr=82, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a9dcb815-Z--
--21f6f07f-A--
[01/Jul/2026:14:56:12.865534 +0000] akUqjPellgjTnFA9ZpVBbgAAAA8 172.68.242.120 48970 172.26.37.160 7081
--21f6f07f-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14641904b3a9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--21f6f07f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--21f6f07f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUqjPellgjTnFA9ZpVBbgAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782917772861995 3653 (- - -)
Stopwatch2: 1782917772861995 3653; combined=2383, p1=331, p2=1879, p3=0, p4=0, p5=113, sr=72, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--21f6f07f-Z--
--f30c9572-A--
[01/Jul/2026:14:56:39.913883 +0000] akUqp-ellgjTnFA9ZpVBdQAAABE 202.46.68.177 56194 172.26.37.160 7081
--f30c9572-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--f30c9572-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--f30c9572-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUqp-ellgjTnFA9ZpVBdQAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782917799911289 2650 (- - -)
Stopwatch2: 1782917799911289 2650; combined=1500, p1=334, p2=984, p3=0, p4=0, p5=121, sr=73, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--f30c9572-Z--
--daaf4e48-A--
[01/Jul/2026:14:56:50.549341 +0000] akUqsuD-iiE84k1CU8wnygAAAIs 202.46.68.177 60336 172.26.37.160 7081
--daaf4e48-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--daaf4e48-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--daaf4e48-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUqsuD-iiE84k1CU8wnygAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782917810546598 2800 (- - -)
Stopwatch2: 1782917810546598 2800; combined=1552, p1=394, p2=979, p3=0, p4=0, p5=118, sr=102, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--daaf4e48-Z--
--0fdcc601-A--
[01/Jul/2026:14:57:17.425995 +0000] akUqzVARN0ItUDdAEIz5kwAAAQI 172.68.242.120 51320 172.26.37.160 7081
--0fdcc601-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1464323df7c9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0fdcc601-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0fdcc601-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUqzVARN0ItUDdAEIz5kwAAAQI"]
Action: Intercepted (phase 2)
Stopwatch: 1782917837421878 4201 (- - -)
Stopwatch2: 1782917837421878 4201; combined=1985, p1=332, p2=1481, p3=0, p4=0, p5=113, sr=85, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0fdcc601-Z--
--3abcb06d-A--
[01/Jul/2026:14:58:05.499702 +0000] akUq-VARN0ItUDdAEIz5owAAAQ8 202.46.68.177 45618 172.26.37.160 7081
--3abcb06d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--3abcb06d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3abcb06d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUq-VARN0ItUDdAEIz5owAAAQ8"]
Action: Intercepted (phase 2)
Stopwatch: 1782917885496966 2812 (- - -)
Stopwatch2: 1782917885496966 2812; combined=1545, p1=326, p2=1032, p3=0, p4=0, p5=123, sr=86, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3abcb06d-Z--
--573d977c-A--
[01/Jul/2026:14:58:26.812592 +0000] akUrElARN0ItUDdAEIz5qwAAARY 202.46.68.177 36326 172.26.37.160 7081
--573d977c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--573d977c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--573d977c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUrElARN0ItUDdAEIz5qwAAARY"]
Action: Intercepted (phase 2)
Stopwatch: 1782917906809569 3714 (- - -)
Stopwatch2: 1782917906809569 3714; combined=1442, p1=317, p2=944, p3=0, p4=0, p5=119, sr=79, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--573d977c-Z--
--eb0ddf70-A--
[01/Jul/2026:14:58:43.334570 +0000] akUrI-ellgjTnFA9ZpVBlwAAABQ 172.68.242.120 50460 172.26.37.160 7081
--eb0ddf70-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 716
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a146453cbcb89c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--eb0ddf70-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--eb0ddf70-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUrI-ellgjTnFA9ZpVBlwAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782917923331291 3360 (- - -)
Stopwatch2: 1782917923331291 3360; combined=1619, p1=363, p2=1052, p3=0, p4=0, p5=128, sr=82, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--eb0ddf70-Z--
--e0b4ad15-A--
[01/Jul/2026:14:59:05.591726 +0000] akUrOfellgjTnFA9ZpVBnQAAAAY 120.56.213.201 44010 172.26.37.160 7081
--e0b4ad15-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--e0b4ad15-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e0b4ad15-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUrOfellgjTnFA9ZpVBnQAAAAY"]
Action: Intercepted (phase 2)
Stopwatch: 1782917945588092 3693 (- - -)
Stopwatch2: 1782917945588092 3693; combined=2269, p1=334, p2=1726, p3=0, p4=0, p5=139, sr=82, sw=70, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e0b4ad15-Z--
--c224dd6b-A--
[01/Jul/2026:14:59:46.476423 +0000] akUrYlARN0ItUDdAEIz5wgAAAQU 172.68.242.120 34974 172.26.37.160 7081
--c224dd6b-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14646c76aa39c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c224dd6b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c224dd6b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUrYlARN0ItUDdAEIz5wgAAAQU"]
Action: Intercepted (phase 2)
Stopwatch: 1782917986472586 3937 (- - -)
Stopwatch2: 1782917986472586 3937; combined=2624, p1=372, p2=2072, p3=0, p4=0, p5=117, sr=82, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c224dd6b-Z--
--7cc10418-A--
[01/Jul/2026:14:59:52.035742 +0000] akUraFARN0ItUDdAEIz5xQAAARA 202.46.68.177 35028 172.26.37.160 7081
--7cc10418-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--7cc10418-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7cc10418-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUraFARN0ItUDdAEIz5xQAAARA"]
Action: Intercepted (phase 2)
Stopwatch: 1782917992032906 2892 (- - -)
Stopwatch2: 1782917992032906 2892; combined=1529, p1=347, p2=1005, p3=0, p4=0, p5=118, sr=84, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7cc10418-Z--
--c03b9b38-A--
[01/Jul/2026:14:59:57.011180 +0000] akUrbVARN0ItUDdAEIz5yAAAAQc 172.68.242.120 42596 172.26.37.160 7081
--c03b9b38-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 722
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14647093eec9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c03b9b38-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c03b9b38-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUrbVARN0ItUDdAEIz5yAAAAQc"]
Action: Intercepted (phase 2)
Stopwatch: 1782917997004645 6634 (- - -)
Stopwatch2: 1782917997004645 6634; combined=3987, p1=374, p2=3407, p3=0, p4=0, p5=133, sr=101, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c03b9b38-Z--
--86f09402-A--
[01/Jul/2026:15:01:00.076707 +0000] akUrrFARN0ItUDdAEIz51gAAARg 172.68.242.120 49184 172.26.37.160 7081
--86f09402-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a146489369d59c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--86f09402-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--86f09402-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUrrFARN0ItUDdAEIz51gAAARg"]
Action: Intercepted (phase 2)
Stopwatch: 1782918060073002 3784 (- - -)
Stopwatch2: 1782918060073002 3784; combined=2132, p1=342, p2=1615, p3=0, p4=0, p5=113, sr=81, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--86f09402-Z--
--a5a69f50-A--
[01/Jul/2026:15:01:21.027970 +0000] akUrwfellgjTnFA9ZpVB0gAAAAU 172.68.242.120 56988 172.26.37.160 7081
--a5a69f50-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a146491659fa9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a5a69f50-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a5a69f50-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUrwfellgjTnFA9ZpVB0gAAAAU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918081024745 3627 (- - -)
Stopwatch2: 1782918081024745 3627; combined=2058, p1=360, p2=1528, p3=0, p4=0, p5=110, sr=77, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a5a69f50-Z--
--a263f67d-A--
[01/Jul/2026:15:01:27.811073 +0000] akUrx-ellgjTnFA9ZpVB1QAAAA8 202.46.68.177 56220 172.26.37.160 7081
--a263f67d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--a263f67d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a263f67d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUrx-ellgjTnFA9ZpVB1QAAAA8"]
Action: Intercepted (phase 2)
Stopwatch: 1782918087805615 5519 (- - -)
Stopwatch2: 1782918087805615 5519; combined=4127, p1=330, p2=3524, p3=0, p4=0, p5=171, sr=83, sw=102, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a263f67d-Z--
--54910929-A--
[01/Jul/2026:15:01:35.097615 +0000] akUrz@D-iiE84k1CU8wn8QAAAIs 120.56.213.201 58550 172.26.37.160 7081
--54910929-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--54910929-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--54910929-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUrz@D-iiE84k1CU8wn8QAAAIs"]
Action: Intercepted (phase 2)
Stopwatch: 1782918095093519 4161 (- - -)
Stopwatch2: 1782918095093519 4161; combined=2254, p1=1050, p2=1000, p3=0, p4=0, p5=135, sr=78, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--54910929-Z--
--5784690e-A--
[01/Jul/2026:15:01:49.225931 +0000] akUr3fellgjTnFA9ZpVB3QAAABE 202.46.68.177 51220 172.26.37.160 7081
--5784690e-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--5784690e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--5784690e-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUr3fellgjTnFA9ZpVB3QAAABE"]
Action: Intercepted (phase 2)
Stopwatch: 1782918109223249 2735 (- - -)
Stopwatch2: 1782918109223249 2735; combined=1544, p1=347, p2=1032, p3=0, p4=0, p5=108, sr=75, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--5784690e-Z--
--800e3614-A--
[01/Jul/2026:15:02:07.158858 +0000] akUr71ARN0ItUDdAEIz54AAAARA 120.56.213.201 51898 172.26.37.160 7081
--800e3614-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--800e3614-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--800e3614-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUr71ARN0ItUDdAEIz54AAAARA"]
Action: Intercepted (phase 2)
Stopwatch: 1782918127155219 3700 (- - -)
Stopwatch2: 1782918127155219 3700; combined=2350, p1=325, p2=1826, p3=0, p4=0, p5=135, sr=87, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--800e3614-Z--
--d3a5ab44-A--
[01/Jul/2026:15:02:39.182226 +0000] akUsD1ARN0ItUDdAEIz59QAAAQQ 120.56.213.201 51636 172.26.37.160 7081
--d3a5ab44-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d3a5ab44-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d3a5ab44-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsD1ARN0ItUDdAEIz59QAAAQQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782918159176454 8455 (- - -)
Stopwatch2: 1782918159176454 8455; combined=2753, p1=302, p2=2240, p3=0, p4=0, p5=143, sr=67, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d3a5ab44-Z--
--417abb56-A--
[01/Jul/2026:15:02:45.170672 +0000] akUsFfellgjTnFA9ZpVCEQAAABA 172.68.242.120 40828 172.26.37.160 7081
--417abb56-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1464b243c2f9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--417abb56-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--417abb56-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUsFfellgjTnFA9ZpVCEQAAABA"]
Action: Intercepted (phase 2)
Stopwatch: 1782918165165250 8217 (- - -)
Stopwatch2: 1782918165165250 8217; combined=1652, p1=298, p2=1166, p3=0, p4=0, p5=122, sr=65, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--417abb56-Z--
--9f707019-A--
[01/Jul/2026:15:02:53.192596 +0000] akUsHfellgjTnFA9ZpVCEwAAABI 202.46.68.177 40876 172.26.37.160 7081
--9f707019-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--9f707019-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9f707019-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsHfellgjTnFA9ZpVCEwAAABI"]
Action: Intercepted (phase 2)
Stopwatch: 1782918173189015 3638 (- - -)
Stopwatch2: 1782918173189015 3638; combined=1963, p1=351, p2=1415, p3=0, p4=0, p5=131, sr=90, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9f707019-Z--
--4608857b-A--
[01/Jul/2026:15:03:46.475734 +0000] akUsUuD-iiE84k1CU8woIgAAAIA 202.46.68.177 53916 172.26.37.160 7081
--4608857b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--4608857b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4608857b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsUuD-iiE84k1CU8woIgAAAIA"]
Action: Intercepted (phase 2)
Stopwatch: 1782918226471351 4446 (- - -)
Stopwatch2: 1782918226471351 4446; combined=1622, p1=326, p2=1086, p3=0, p4=0, p5=139, sr=69, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4608857b-Z--
--dda2c14c-A--
[01/Jul/2026:15:03:48.201040 +0000] akUsVFARN0ItUDdAEIz6KAAAAQw 172.68.242.120 54166 172.26.37.160 7081
--dda2c14c-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1464cae2a0c9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--dda2c14c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--dda2c14c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUsVFARN0ItUDdAEIz6KAAAAQw"]
Action: Intercepted (phase 2)
Stopwatch: 1782918228197008 4279 (- - -)
Stopwatch2: 1782918228197008 4279; combined=2746, p1=353, p2=2144, p3=0, p4=0, p5=158, sr=75, sw=91, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--dda2c14c-Z--
--4e74cd37-A--
[01/Jul/2026:15:03:53.758443 +0000] akUsWeD-iiE84k1CU8woLAAAAIc 120.56.213.201 54180 172.26.37.160 7081
--4e74cd37-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--4e74cd37-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4e74cd37-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsWeD-iiE84k1CU8woLAAAAIc"]
Action: Intercepted (phase 2)
Stopwatch: 1782918233754945 3554 (- - -)
Stopwatch2: 1782918233754945 3554; combined=2350, p1=319, p2=1859, p3=0, p4=0, p5=114, sr=73, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4e74cd37-Z--
--fd3c3557-A--
[01/Jul/2026:15:04:29.208854 +0000] akUsfVARN0ItUDdAEIz6LgAAAQ4 202.46.68.177 50028 172.26.37.160 7081
--fd3c3557-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--fd3c3557-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--fd3c3557-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsfVARN0ItUDdAEIz6LgAAAQ4"]
Action: Intercepted (phase 2)
Stopwatch: 1782918269205370 3541 (- - -)
Stopwatch2: 1782918269205370 3541; combined=2301, p1=346, p2=1753, p3=0, p4=0, p5=137, sr=78, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--fd3c3557-Z--
--67ca6726-A--
[01/Jul/2026:15:04:30.158892 +0000] akUsfvellgjTnFA9ZpVCOwAAABM 172.68.242.120 50048 172.26.37.160 7081
--67ca6726-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 712
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1464db468099c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--67ca6726-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--67ca6726-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUsfvellgjTnFA9ZpVCOwAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782918270154944 4070 (- - -)
Stopwatch2: 1782918270154944 4070; combined=2233, p1=341, p2=1109, p3=0, p4=0, p5=419, sr=77, sw=364, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--67ca6726-Z--
--9f7dc960-A--
[01/Jul/2026:15:04:50.508509 +0000] akUsklARN0ItUDdAEIz6NQAAAQU 202.46.68.177 33994 172.26.37.160 7081
--9f7dc960-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--9f7dc960-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9f7dc960-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsklARN0ItUDdAEIz6NQAAAQU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918290503483 7364 (- - -)
Stopwatch2: 1782918290503483 7364; combined=2744, p1=1229, p2=1298, p3=0, p4=0, p5=144, sr=71, sw=73, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9f7dc960-Z--
--67cd9e18-A--
[01/Jul/2026:15:05:12.144965 +0000] akUsqPellgjTnFA9ZpVCUgAAAAc 172.68.242.120 36534 172.26.37.160 7081
--67cd9e18-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1464ebace899c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--67cd9e18-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--67cd9e18-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUsqPellgjTnFA9ZpVCUgAAAAc"]
Action: Intercepted (phase 2)
Stopwatch: 1782918312141324 3755 (- - -)
Stopwatch2: 1782918312141324 3755; combined=1634, p1=332, p2=1105, p3=0, p4=0, p5=129, sr=80, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--67cd9e18-Z--
--e2c76b37-A--
[01/Jul/2026:15:05:33.899243 +0000] akUsveD-iiE84k1CU8woRwAAAJM 202.46.68.177 60670 172.26.37.160 7081
--e2c76b37-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--e2c76b37-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e2c76b37-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsveD-iiE84k1CU8woRwAAAJM"]
Action: Intercepted (phase 2)
Stopwatch: 1782918333122794 776512 (- - -)
Stopwatch2: 1782918333122794 776512; combined=1549015, p1=363, p2=1663, p3=0, p4=0, p5=773519, sr=84, sw=57, l=0, gc=773413
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e2c76b37-Z--
--3c867026-A--
[01/Jul/2026:15:05:40.309994 +0000] akUsxFARN0ItUDdAEIz6SAAAARQ 120.56.213.201 41282 172.26.37.160 7081
--3c867026-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--3c867026-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3c867026-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUsxFARN0ItUDdAEIz6SAAAARQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782918340306884 3171 (- - -)
Stopwatch2: 1782918340306884 3171; combined=1879, p1=709, p2=999, p3=0, p4=0, p5=111, sr=73, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3c867026-Z--
--90fa9954-A--
[01/Jul/2026:15:05:50.971758 +0000] akUszuD-iiE84k1CU8woSwAAAIk 120.56.213.201 50060 172.26.37.160 7081
--90fa9954-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--90fa9954-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--90fa9954-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUszuD-iiE84k1CU8woSwAAAIk"]
Action: Intercepted (phase 2)
Stopwatch: 1782918350967929 3897 (- - -)
Stopwatch2: 1782918350967929 3897; combined=2448, p1=362, p2=1900, p3=0, p4=0, p5=121, sr=85, sw=65, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--90fa9954-Z--
--af15c607-A--
[01/Jul/2026:15:06:36.203789 +0000] akUs-PellgjTnFA9ZpVCeAAAABY 172.68.242.120 51868 172.26.37.160 7081
--af15c607-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14650c82ac49c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--af15c607-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--af15c607-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUs-PellgjTnFA9ZpVCeAAAABY"]
Action: Intercepted (phase 2)
Stopwatch: 1782918396200663 3207 (- - -)
Stopwatch2: 1782918396200663 3207; combined=1667, p1=374, p2=1099, p3=0, p4=0, p5=132, sr=107, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--af15c607-Z--
--b3a2f50b-A--
[01/Jul/2026:15:06:37.030581 +0000] akUs-eD-iiE84k1CU8woVQAAAIA 202.46.68.177 51880 172.26.37.160 7081
--b3a2f50b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--b3a2f50b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b3a2f50b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (4+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUs-eD-iiE84k1CU8woVQAAAIA"]
Action: Intercepted (phase 2)
Stopwatch: 1782918397027470 3168 (- - -)
Stopwatch2: 1782918397027470 3168; combined=1960, p1=342, p2=1424, p3=0, p4=0, p5=130, sr=87, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b3a2f50b-Z--
--7cd3991f-A--
[01/Jul/2026:15:06:46.755365 +0000] akUtBvellgjTnFA9ZpVCegAAABc 172.68.242.120 53234 172.26.37.160 7081
--7cd3991f-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a146510a29589c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--7cd3991f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7cd3991f-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUtBvellgjTnFA9ZpVCegAAABc"]
Action: Intercepted (phase 2)
Stopwatch: 1782918406751962 3487 (- - -)
Stopwatch2: 1782918406751962 3487; combined=2041, p1=312, p2=1541, p3=0, p4=0, p5=125, sr=73, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7cd3991f-Z--
--7f464f14-A--
[01/Jul/2026:15:06:54.931538 +0000] akUtDvellgjTnFA9ZpVCfgAAABM 120.56.213.201 40108 172.26.37.160 7081
--7f464f14-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--7f464f14-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7f464f14-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtDvellgjTnFA9ZpVCfgAAABM"]
Action: Intercepted (phase 2)
Stopwatch: 1782918414924793 6806 (- - -)
Stopwatch2: 1782918414924793 6806; combined=5250, p1=1097, p2=3924, p3=0, p4=0, p5=152, sr=74, sw=77, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7f464f14-Z--
--400c877b-A--
[01/Jul/2026:15:07:26.948299 +0000] akUtLlARN0ItUDdAEIz6gwAAAQY 120.56.213.201 37226 172.26.37.160 7081
--400c877b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--400c877b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--400c877b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtLlARN0ItUDdAEIz6gwAAAQY"]
Action: Intercepted (phase 2)
Stopwatch: 1782918446944355 4654 (- - -)
Stopwatch2: 1782918446944355 4654; combined=2251, p1=342, p2=964, p3=0, p4=0, p5=878, sr=84, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--400c877b-Z--
--e399c17b-A--
[01/Jul/2026:15:07:41.716328 +0000] akUtPOD-iiE84k1CU8wonQAAAI0 202.46.68.177 57142 172.26.37.160 7081
--e399c17b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--e399c17b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e399c17b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtPOD-iiE84k1CU8wonQAAAI0"]
Action: Intercepted (phase 2)
Stopwatch: 1782918460961217 758561 (- - -)
Stopwatch2: 1782918460961217 758561; combined=1503850, p1=302, p2=950, p3=0, p4=0, p5=751328, sr=67, sw=751270, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e399c17b-Z--
--2e5bfc73-A--
[01/Jul/2026:15:07:43.151057 +0000] akUtPPellgjTnFA9ZpVCxAAAAAY 34.48.138.189 57112 172.26.37.160 7081
--2e5bfc73-B--
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: www.preemptivestrategies.hk
X-Real-IP: 34.48.138.189
X-Accel-Internal: /internal-nginx-static-location
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.preemptivestrategies.hk/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
priority: u=2
--2e5bfc73-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Cache-Control: public
Content-Length: 0
Content-Type: text/css
--2e5bfc73-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "202.46.68.177_4c61c6b6817706d653d6afd3ec3d48129012ccfc"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "202.46.68.177_4c61c6b6817706d653d6afd3ec3d48129012ccfc"): Internal error (specific information not available) [hostname "www.preemptivestrategies.hk"] [uri "/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css"] [unique_id "akUtPPellgjTnFA9ZpVCxAAAAAY"]
Stopwatch: 1782918460934215 2216917 (- - -)
Stopwatch2: 1782918460934215 2216917; combined=4425749, p1=672, p2=1153, p3=26, p4=23, p5=2211961, sr=52, sw=0, l=0, gc=2211914
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2e5bfc73-Z--
--9cbc310a-A--
[01/Jul/2026:15:07:58.881130 +0000] akUtTlARN0ItUDdAEIz6wAAAARg 120.56.213.201 59054 172.26.37.160 7081
--9cbc310a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--9cbc310a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9cbc310a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtTlARN0ItUDdAEIz6wAAAARg"]
Action: Intercepted (phase 2)
Stopwatch: 1782918478877645 3565 (- - -)
Stopwatch2: 1782918478877645 3565; combined=2373, p1=322, p2=1886, p3=0, p4=0, p5=107, sr=70, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9cbc310a-Z--
--26939a19-A--
[01/Jul/2026:15:08:00.180781 +0000] akUtUPellgjTnFA9ZpVDCAAAAAQ 172.68.242.120 59088 172.26.37.160 7081
--26939a19-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 720
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14652d50bdf9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--26939a19-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--26939a19-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUtUPellgjTnFA9ZpVDCAAAAAQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782918480177597 3263 (- - -)
Stopwatch2: 1782918480177597 3263; combined=2090, p1=329, p2=1084, p3=0, p4=0, p5=596, sr=74, sw=81, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--26939a19-Z--
--34c2be4d-A--
[01/Jul/2026:15:08:12.843949 +0000] akUtXPellgjTnFA9ZpVDFQAAAAo 202.46.68.177 34694 172.26.37.160 7081
--34c2be4d-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--34c2be4d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--34c2be4d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtXPellgjTnFA9ZpVDFQAAAAo"]
Action: Intercepted (phase 2)
Stopwatch: 1782918492841532 2472 (- - -)
Stopwatch2: 1782918492841532 2472; combined=1444, p1=313, p2=971, p3=0, p4=0, p5=105, sr=73, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--34c2be4d-Z--
--3f610a08-A--
[01/Jul/2026:15:08:30.895464 +0000] akUtbuD-iiE84k1CU8wpEgAAAJQ 120.56.213.201 36668 172.26.37.160 7081
--3f610a08-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--3f610a08-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3f610a08-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtbuD-iiE84k1CU8wpEgAAAJQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782918510892788 2737 (- - -)
Stopwatch2: 1782918510892788 2737; combined=1503, p1=332, p2=1005, p3=0, p4=0, p5=107, sr=71, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3f610a08-Z--
--c197445b-A--
[01/Jul/2026:15:08:52.641947 +0000] akUthOD-iiE84k1CU8wphwAAAJI 172.68.242.120 51144 172.26.37.160 7081
--c197445b-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a146541cee5c9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c197445b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c197445b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUthOD-iiE84k1CU8wphwAAAJI"]
Action: Intercepted (phase 2)
Stopwatch: 1782918532638663 3372 (- - -)
Stopwatch2: 1782918532638663 3372; combined=1642, p1=391, p2=1089, p3=0, p4=0, p5=107, sr=112, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c197445b-Z--
--2c9c1d38-A--
[01/Jul/2026:15:08:55.485771 +0000] akUth7h@PR-WvDm@idza8QAAAEU 202.46.68.177 40470 172.26.37.160 7081
--2c9c1d38-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--2c9c1d38-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2c9c1d38-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUth7h@PR-WvDm@idza8QAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918535434467 51372 (- - -)
Stopwatch2: 1782918535434467 51372; combined=98509, p1=315, p2=947, p3=0, p4=0, p5=48650, sr=75, sw=48597, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2c9c1d38-Z--
--c40aa700-A--
[01/Jul/2026:15:09:19.047424 +0000] akUtn7h@PR-WvDm@idzbEwAAAEg 104.22.1.201 35666 172.26.37.160 7081
--c40aa700-B--
GET /products/3683011988857?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.22.1.201
X-Forwarded-For: 2a03:2880:f806:d::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a14654beafe875fc-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:d::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--c40aa700-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c40aa700-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/products/3683011988857"] [unique_id "akUtn7h@PR-WvDm@idzbEwAAAEg"]
Action: Intercepted (phase 1)
Stopwatch: 1782918559046400 1113 (- - -)
Stopwatch2: 1782918559046400 1113; combined=258, p1=194, p2=0, p3=0, p4=0, p5=64, sr=71, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c40aa700-Z--
--4804820a-A--
[01/Jul/2026:15:09:30.664485 +0000] akUtqrh@PR-WvDm@idzbIwAAAFI 107.172.116.241 34038 172.26.37.160 7081
--4804820a-B--
GET /.env HTTP/1.1
Host: 18.142.40.148
X-Real-IP: 107.172.116.241
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--4804820a-F--
HTTP/1.1 403 Forbidden
Content-Length: 263
Content-Type: text/html; charset=iso-8859-1
--4804820a-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18.142.40.148"] [uri "/.env"] [unique_id "akUtqrh@PR-WvDm@idzbIwAAAFI"]
Action: Intercepted (phase 1)
Stopwatch: 1782918570663786 740 (- - -)
Stopwatch2: 1782918570663786 740; combined=266, p1=210, p2=0, p3=0, p4=0, p5=55, sr=71, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4804820a-Z--
--9e57b409-A--
[01/Jul/2026:15:09:34.776265 +0000] akUtrjAEezdFPX8dU-TOHgAAAMA 120.56.213.201 53448 172.26.37.160 7081
--9e57b409-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9e57b409-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9e57b409-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtrjAEezdFPX8dU-TOHgAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782918574772524 3809 (- - -)
Stopwatch2: 1782918574772524 3809; combined=1512, p1=339, p2=979, p3=0, p4=0, p5=131, sr=75, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9e57b409-Z--
--4a61db5c-A--
[01/Jul/2026:15:10:06.226822 +0000] akUtzrh@PR-WvDm@idzbSgAAAE0 172.68.242.120 38368 172.26.37.160 7081
--4a61db5c-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14655e8d9409c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4a61db5c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4a61db5c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUtzrh@PR-WvDm@idzbSgAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782918606223724 3270 (- - -)
Stopwatch2: 1782918606223724 3270; combined=1872, p1=612, p2=1041, p3=0, p4=0, p5=143, sr=75, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4a61db5c-Z--
--1e7ed805-A--
[01/Jul/2026:15:10:06.645609 +0000] akUtzrh@PR-WvDm@idzbSwAAAFM 120.56.213.201 38384 172.26.37.160 7081
--1e7ed805-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--1e7ed805-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1e7ed805-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUtzrh@PR-WvDm@idzbSwAAAFM"]
Action: Intercepted (phase 2)
Stopwatch: 1782918606642708 2956 (- - -)
Stopwatch2: 1782918606642708 2956; combined=1567, p1=385, p2=1022, p3=0, p4=0, p5=105, sr=116, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1e7ed805-Z--
--011c6112-A--
[01/Jul/2026:15:10:09.977921 +0000] akUt0bh@PR-WvDm@idzbTQAAAFQ 202.46.68.177 38400 172.26.37.160 7081
--011c6112-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--011c6112-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--011c6112-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUt0bh@PR-WvDm@idzbTQAAAFQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782918609975118 2859 (- - -)
Stopwatch2: 1782918609975118 2859; combined=1461, p1=306, p2=971, p3=0, p4=0, p5=124, sr=71, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--011c6112-Z--
--be215044-A--
[01/Jul/2026:15:10:16.779018 +0000] akUt2Lh@PR-WvDm@idzbTwAAAEI 172.68.242.120 40306 172.26.37.160 7081
--be215044-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 723
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)
accept-language: en-US
cf-ray: a146562acd459c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--be215044-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--be215044-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUt2Lh@PR-WvDm@idzbTwAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782918616775873 3232 (- - -)
Stopwatch2: 1782918616775873 3232; combined=1548, p1=321, p2=1055, p3=0, p4=0, p5=113, sr=80, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--be215044-Z--
--2fa90659-A--
[01/Jul/2026:15:10:20.627262 +0000] akUt3OD-iiE84k1CU8wp9AAAAIM 202.46.68.177 40324 172.26.37.160 7081
--2fa90659-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--2fa90659-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2fa90659-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUt3OD-iiE84k1CU8wp9AAAAIM"]
Action: Intercepted (phase 2)
Stopwatch: 1782918620623862 3483 (- - -)
Stopwatch2: 1782918620623862 3483; combined=1901, p1=341, p2=1373, p3=0, p4=0, p5=126, sr=84, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2fa90659-Z--
--1ac5bb43-A--
[01/Jul/2026:15:10:37.877301 +0000] akUt7eD-iiE84k1CU8wp9wAAAII 172.68.242.120 59950 172.26.37.160 7081
--1ac5bb43-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a14656ae99609c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--1ac5bb43-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1ac5bb43-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUt7eD-iiE84k1CU8wp9wAAAII"]
Action: Intercepted (phase 2)
Stopwatch: 1782918637873766 3636 (- - -)
Stopwatch2: 1782918637873766 3636; combined=1621, p1=307, p2=1145, p3=0, p4=0, p5=110, sr=68, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1ac5bb43-Z--
--7179d27b-A--
[01/Jul/2026:15:11:10.433063 +0000] akUuDjAEezdFPX8dU-TOdQAAANg 120.56.213.201 47002 172.26.37.160 7081
--7179d27b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--7179d27b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7179d27b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUuDjAEezdFPX8dU-TOdQAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782918670429960 3164 (- - -)
Stopwatch2: 1782918670429960 3164; combined=1979, p1=309, p2=1449, p3=0, p4=0, p5=135, sr=74, sw=86, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7179d27b-Z--
--9af35375-A--
[01/Jul/2026:15:11:21.066532 +0000] akUuGbh@PR-WvDm@idzbeAAAAFI 120.56.213.201 46676 172.26.37.160 7081
--9af35375-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9af35375-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9af35375-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUuGbh@PR-WvDm@idzbeAAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782918681062513 4225 (- - -)
Stopwatch2: 1782918681062513 4225; combined=2537, p1=372, p2=1436, p3=0, p4=0, p5=398, sr=94, sw=331, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9af35375-Z--
--7c1a2577-A--
[01/Jul/2026:15:11:56.511728 +0000] akUuPOD-iiE84k1CU8wqSQAAAJU 202.46.68.177 48046 172.26.37.160 7081
--7c1a2577-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--7c1a2577-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7c1a2577-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUuPOD-iiE84k1CU8wqSQAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918716509070 2918 (- - -)
Stopwatch2: 1782918716509070 2918; combined=1497, p1=311, p2=1002, p3=0, p4=0, p5=121, sr=72, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7c1a2577-Z--
--9822576c-A--
[01/Jul/2026:15:12:17.827098 +0000] akUuUTAEezdFPX8dU-TOkwAAAMg 202.46.68.177 33426 172.26.37.160 7081
--9822576c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--9822576c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9822576c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUuUTAEezdFPX8dU-TOkwAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782918737824306 4831 (- - -)
Stopwatch2: 1782918737824306 4831; combined=1588, p1=359, p2=1031, p3=0, p4=0, p5=139, sr=80, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9822576c-Z--
--caddd079-A--
[01/Jul/2026:15:12:25.622487 +0000] akUuWTAEezdFPX8dU-TOrAAAAM0 120.56.213.201 41276 172.26.37.160 7081
--caddd079-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--caddd079-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--caddd079-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUuWTAEezdFPX8dU-TOrAAAAM0"]
Action: Intercepted (phase 2)
Stopwatch: 1782918745130284 492281 (- - -)
Stopwatch2: 1782918745130284 492281; combined=980024, p1=305, p2=1054, p3=0, p4=0, p5=489365, sr=69, sw=489300, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--caddd079-Z--
--04496468-A--
[01/Jul/2026:15:13:15.442422 +0000] akUui7h@PR-WvDm@idzb2AAAAEQ 172.68.242.120 45064 172.26.37.160 7081
--04496468-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1465a876b8f9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--04496468-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--04496468-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUui7h@PR-WvDm@idzb2AAAAEQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782918795438886 3616 (- - -)
Stopwatch2: 1782918795438886 3616; combined=2424, p1=341, p2=1911, p3=0, p4=0, p5=113, sr=73, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--04496468-Z--
--ec22c215-A--
[01/Jul/2026:15:13:32.536407 +0000] akUunLh@PR-WvDm@idzb4gAAAEA 202.46.68.177 54254 172.26.37.160 7081
--ec22c215-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--ec22c215-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ec22c215-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUunLh@PR-WvDm@idzb4gAAAEA"]
Action: Intercepted (phase 2)
Stopwatch: 1782918812532096 6868 (- - -)
Stopwatch2: 1782918812532096 6868; combined=2453, p1=950, p2=1281, p3=0, p4=0, p5=137, sr=74, sw=85, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ec22c215-Z--
--994ffa6c-A--
[01/Jul/2026:15:13:39.934688 +0000] akUuo7h@PR-WvDm@idzb5gAAAEU 120.56.213.201 42986 172.26.37.160 7081
--994ffa6c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--994ffa6c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--994ffa6c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUuo7h@PR-WvDm@idzb5gAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918819930814 4069 (- - -)
Stopwatch2: 1782918819930814 4069; combined=2248, p1=357, p2=1281, p3=0, p4=0, p5=542, sr=85, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--994ffa6c-Z--
--557efd30-A--
[01/Jul/2026:15:13:46.993783 +0000] akUuquD-iiE84k1CU8wqnQAAAIo 172.68.242.120 60042 172.26.37.160 7081
--557efd30-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 717
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1465b4c9e9d9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--557efd30-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--557efd30-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUuquD-iiE84k1CU8wqnQAAAIo"]
Action: Intercepted (phase 2)
Stopwatch: 1782918826989027 4883 (- - -)
Stopwatch2: 1782918826989027 4883; combined=3116, p1=414, p2=2464, p3=0, p4=0, p5=156, sr=88, sw=82, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--557efd30-Z--
--2a55c326-A--
[01/Jul/2026:15:13:50.573050 +0000] akUurrh@PR-WvDm@idzb5wAAAFc 120.56.213.201 60058 172.26.37.160 7081
--2a55c326-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2a55c326-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2a55c326-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUurrh@PR-WvDm@idzb5wAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782918830569805 3301 (- - -)
Stopwatch2: 1782918830569805 3301; combined=1935, p1=310, p2=1427, p3=0, p4=0, p5=137, sr=77, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2a55c326-Z--
--ea03510b-A--
[01/Jul/2026:15:14:47.266092 +0000] akUu57h@PR-WvDm@idzcYAAAAFE 202.46.68.177 37490 172.26.37.160 7081
--ea03510b-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--ea03510b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ea03510b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (3+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUu57h@PR-WvDm@idzcYAAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782918887262968 3181 (- - -)
Stopwatch2: 1782918887262968 3181; combined=1976, p1=342, p2=1456, p3=0, p4=0, p5=117, sr=99, sw=61, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ea03510b-Z--
--6186e13b-A--
[01/Jul/2026:15:15:00.883700 +0000] akUu9Lh@PR-WvDm@idzcZgAAAFU 172.68.242.120 35348 172.26.37.160 7081
--6186e13b-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 718
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a1465d1a68a39c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6186e13b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6186e13b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (2+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUu9Lh@PR-WvDm@idzcZgAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918900880466 3325 (- - -)
Stopwatch2: 1782918900880466 3325; combined=2008, p1=760, p2=1089, p3=0, p4=0, p5=104, sr=472, sw=55, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6186e13b-Z--
--6984aa39-A--
[01/Jul/2026:15:15:05.256232 +0000] akUu@bh@PR-WvDm@idzcaAAAAFI 120.56.213.201 60448 172.26.37.160 7081
--6984aa39-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--6984aa39-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6984aa39-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUu@bh@PR-WvDm@idzcaAAAAFI"]
Action: Intercepted (phase 2)
Stopwatch: 1782918905251921 4374 (- - -)
Stopwatch2: 1782918905251921 4374; combined=1831, p1=352, p2=1269, p3=0, p4=0, p5=133, sr=90, sw=77, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6984aa39-Z--
--a0e50465-A--
[01/Jul/2026:15:15:08.589307 +0000] akUu-Lh@PR-WvDm@idzcaQAAAEI 202.46.68.177 60452 172.26.37.160 7081
--a0e50465-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--a0e50465-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a0e50465-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUu-Lh@PR-WvDm@idzcaQAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782918908586122 3253 (- - -)
Stopwatch2: 1782918908586122 3253; combined=2113, p1=949, p2=997, p3=0, p4=0, p5=109, sr=82, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a0e50465-Z--
--1d20ba5d-A--
[01/Jul/2026:15:15:15.854251 +0000] akUvA7h@PR-WvDm@idzcbgAAAEY 120.56.213.201 46626 172.26.37.160 7081
--1d20ba5d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--1d20ba5d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1d20ba5d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvA7h@PR-WvDm@idzcbgAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782918915850767 3550 (- - -)
Stopwatch2: 1782918915850767 3550; combined=1540, p1=383, p2=970, p3=0, p4=0, p5=123, sr=93, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1d20ba5d-Z--
--42feec25-A--
[01/Jul/2026:15:15:53.490455 +0000] akUvKeD-iiE84k1CU8wrAQAAAI8 172.68.242.120 41366 172.26.37.160 7081
--42feec25-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 725
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a1465e633f9a9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--42feec25-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--42feec25-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUvKeD-iiE84k1CU8wrAQAAAI8"]
Action: Intercepted (phase 2)
Stopwatch: 1782918953486679 3876 (- - -)
Stopwatch2: 1782918953486679 3876; combined=2584, p1=332, p2=2002, p3=0, p4=0, p5=160, sr=90, sw=90, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--42feec25-Z--
--50f4f31c-A--
[01/Jul/2026:15:16:02.167056 +0000] akUvMuD-iiE84k1CU8wrBAAAAJU 202.46.68.177 46344 172.26.37.160 7081
--50f4f31c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--50f4f31c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--50f4f31c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvMuD-iiE84k1CU8wrBAAAAJU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918962162709 4409 (- - -)
Stopwatch2: 1782918962162709 4409; combined=1534, p1=338, p2=981, p3=0, p4=0, p5=141, sr=100, sw=74, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--50f4f31c-Z--
--7c6cd217-A--
[01/Jul/2026:15:16:19.611501 +0000] akUvQ7h@PR-WvDm@idzcgAAAAE0 120.56.213.201 57394 172.26.37.160 7081
--7c6cd217-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7c6cd217-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7c6cd217-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvQ7h@PR-WvDm@idzcgAAAAE0"]
Action: Intercepted (phase 2)
Stopwatch: 1782918979608889 2667 (- - -)
Stopwatch2: 1782918979608889 2667; combined=1481, p1=348, p2=966, p3=0, p4=0, p5=109, sr=75, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7c6cd217-Z--
--0c462043-A--
[01/Jul/2026:15:16:19.942124 +0000] akUvQ7h@PR-WvDm@idzcgQAAAFU 103.125.177.250 57404 172.26.37.160 7081
--0c462043-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--0c462043-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0c462043-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvQ7h@PR-WvDm@idzcgQAAAFU"]
Action: Intercepted (phase 2)
Stopwatch: 1782918979938549 3631 (- - -)
Stopwatch2: 1782918979938549 3631; combined=1945, p1=353, p2=1403, p3=0, p4=0, p5=127, sr=83, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0c462043-Z--
--90b42775-A--
[01/Jul/2026:15:16:44.856866 +0000] akUvXLh@PR-WvDm@idzclQAAAEY 202.46.68.177 52034 172.26.37.160 7081
--90b42775-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--90b42775-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--90b42775-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (1+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvXLh@PR-WvDm@idzclQAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782919004853809 3536 (- - -)
Stopwatch2: 1782919004853809 3536; combined=1538, p1=306, p2=1015, p3=0, p4=0, p5=142, sr=72, sw=75, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--90b42775-Z--
--24258714-A--
[01/Jul/2026:15:17:06.994661 +0000] akUvcuD-iiE84k1CU8wrIwAAAJc 172.68.242.120 33512 172.26.37.160 7081
--24258714-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 715
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com
accept-language: en-US
cf-ray: a146602e9b999c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--24258714-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--24258714-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (1+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUvcuD-iiE84k1CU8wrIwAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782919026990665 4100 (- - -)
Stopwatch2: 1782919026990665 4100; combined=2625, p1=1005, p2=1427, p3=0, p4=0, p5=130, sr=82, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--24258714-Z--
--a7a26114-A--
[01/Jul/2026:15:17:17.548004 +0000] akUvfTAEezdFPX8dU-TPTgAAANY 172.68.242.120 47430 172.26.37.160 7081
--a7a26114-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 719
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)
accept-language: en-US
cf-ray: a1466070898d9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--a7a26114-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a7a26114-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (0+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUvfTAEezdFPX8dU-TPTgAAANY"]
Action: Intercepted (phase 2)
Stopwatch: 1782919037542646 8281 (- - -)
Stopwatch2: 1782919037542646 8281; combined=2748, p1=397, p2=2165, p3=0, p4=0, p5=123, sr=80, sw=63, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a7a26114-Z--
--cfe30a22-A--
[01/Jul/2026:15:17:21.353914 +0000] akUvgbh@PR-WvDm@idzcqQAAAEI 104.22.24.100 47500 172.26.37.160 7081
--cfe30a22-B--
GET /products/2395215371731?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.24.100
X-Forwarded-For: 2a03:2880:f806:1d::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a146607a1f772643-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:1d::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--cfe30a22-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--cfe30a22-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/products/2395215371731"] [unique_id "akUvgbh@PR-WvDm@idzcqQAAAEI"]
Action: Intercepted (phase 1)
Stopwatch: 1782919041352622 1390 (- - -)
Stopwatch2: 1782919041352622 1390; combined=201, p1=151, p2=0, p3=0, p4=0, p5=50, sr=58, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--cfe30a22-Z--
--2f53277d-A--
[01/Jul/2026:15:17:34.071399 +0000] akUvjjAEezdFPX8dU-TPVgAAAMA 120.56.213.201 34032 172.26.37.160 7081
--2f53277d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--2f53277d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--2f53277d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvjjAEezdFPX8dU-TPVgAAAMA"]
Action: Intercepted (phase 2)
Stopwatch: 1782919054068201 3254 (- - -)
Stopwatch2: 1782919054068201 3254; combined=1856, p1=326, p2=1341, p3=0, p4=0, p5=127, sr=91, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--2f53277d-Z--
--63f6b97c-A--
[01/Jul/2026:15:17:35.760518 +0000] akUvjzAEezdFPX8dU-TPVwAAAMk 103.125.177.250 48810 172.26.37.160 7081
--63f6b97c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--63f6b97c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--63f6b97c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvjzAEezdFPX8dU-TPVwAAAMk"]
Action: Intercepted (phase 2)
Stopwatch: 1782919055754210 9799 (- - -)
Stopwatch2: 1782919055754210 9799; combined=2334, p1=413, p2=1662, p3=0, p4=0, p5=176, sr=88, sw=83, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--63f6b97c-Z--
--4b10b44b-A--
[01/Jul/2026:15:17:38.495437 +0000] akUvkjAEezdFPX8dU-TPXAAAANU 172.68.242.120 48912 172.26.37.160 7081
--4b10b44b-B--
POST /xmlrpc.php HTTP/1.1
Host: airvenushk.com
X-Real-IP: 172.68.242.120
X-Forwarded-For: 110.93.211.242
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 721
accept-encoding: gzip, br
content-type: text/xml; charset=utf-8
user-agent: WordPress.com; https://wordpress.com
accept-language: en-US
cf-ray: a14660f37d1b9c4a-SIN
accept: */*
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 110.93.211.242
cf-ipcountry: PK
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--4b10b44b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sun, 06 Nov 2022 08:48:02 GMT
ETag: "31b-5ecc95d588df0"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4b10b44b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.93.211.242 (3+1 hits since last alert)|airvenushk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airvenushk.com"] [uri "/xmlrpc.php"] [unique_id "akUvkjAEezdFPX8dU-TPXAAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782919058490927 6666 (- - -)
Stopwatch2: 1782919058490927 6666; combined=1585, p1=304, p2=1112, p3=0, p4=0, p5=111, sr=69, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4b10b44b-Z--
--0482be22-A--
[01/Jul/2026:15:17:55.335989 +0000] akUvo7h@PR-WvDm@idzcvQAAAEY 120.56.213.201 51380 172.26.37.160 7081
--0482be22-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--0482be22-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0482be22-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvo7h@PR-WvDm@idzcvQAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782919075331712 4522 (- - -)
Stopwatch2: 1782919075331712 4522; combined=1806, p1=327, p2=1031, p3=0, p4=0, p5=252, sr=73, sw=196, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0482be22-Z--
--e416631c-A--
[01/Jul/2026:15:17:59.577907 +0000] akUvp7h@PR-WvDm@idzcwAAAAEw 202.46.68.177 51462 172.26.37.160 7081
--e416631c-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: Jetpack by WordPress.com
--e416631c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e416631c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (2+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUvp7h@PR-WvDm@idzcwAAAAEw"]
Action: Intercepted (phase 2)
Stopwatch: 1782919079574285 3679 (- - -)
Stopwatch2: 1782919079574285 3679; combined=1586, p1=310, p2=1073, p3=0, p4=0, p5=139, sr=64, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e416631c-Z--
--4c4ebe65-A--
[01/Jul/2026:15:18:40.664729 +0000] akUv0Lh@PR-WvDm@idzc0QAAAEU 103.125.177.250 38596 172.26.37.160 7081
--4c4ebe65-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--4c4ebe65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--4c4ebe65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUv0Lh@PR-WvDm@idzc0QAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782919120660772 4013 (- - -)
Stopwatch2: 1782919120660772 4013; combined=2455, p1=356, p2=1078, p3=0, p4=0, p5=539, sr=92, sw=482, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--4c4ebe65-Z--
--9adb8117-A--
[01/Jul/2026:15:19:03.610560 +0000] akUv57h@PR-WvDm@idzc2gAAAFc 202.46.68.177 60094 172.26.37.160 7081
--9adb8117-B--
POST /xmlrpc.php HTTP/1.1
Host: eonhk.com
X-Real-IP: 202.46.68.177
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-ID
User-Agent: WordPress.com; https://wordpress.com
--9adb8117-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9adb8117-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.177 (0+1 hits since last alert)|eonhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eonhk.com"] [uri "/xmlrpc.php"] [unique_id "akUv57h@PR-WvDm@idzc2gAAAFc"]
Action: Intercepted (phase 2)
Stopwatch: 1782919143607697 2919 (- - -)
Stopwatch2: 1782919143607697 2919; combined=1914, p1=359, p2=1392, p3=0, p4=0, p5=107, sr=95, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9adb8117-Z--
--165ed945-A--
[01/Jul/2026:15:19:09.723355 +0000] akUv7TAEezdFPX8dU-TPcgAAAMs 120.56.213.201 58734 172.26.37.160 7081
--165ed945-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--165ed945-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--165ed945-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUv7TAEezdFPX8dU-TPcgAAAMs"]
Action: Intercepted (phase 2)
Stopwatch: 1782919149718970 4666 (- - -)
Stopwatch2: 1782919149718970 4666; combined=1936, p1=368, p2=1372, p3=0, p4=0, p5=128, sr=98, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--165ed945-Z--
--b2ab246d-A--
[01/Jul/2026:15:19:30.957910 +0000] akUwAuD-iiE84k1CU8wrXAAAAIc 120.56.213.201 37820 172.26.37.160 7081
--b2ab246d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--b2ab246d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--b2ab246d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwAuD-iiE84k1CU8wrXAAAAIc"]
Action: Intercepted (phase 2)
Stopwatch: 1782919170953138 5588 (- - -)
Stopwatch2: 1782919170953138 5588; combined=1446, p1=316, p2=959, p3=0, p4=0, p5=115, sr=75, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--b2ab246d-Z--
--8382f967-A--
[01/Jul/2026:15:20:11.096765 +0000] akUwK@D-iiE84k1CU8wrbQAAAIw 104.22.24.100 54668 172.26.37.160 7081
--8382f967-B--
GET /items/R471906458/?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: simottodesign.com
X-Real-IP: 104.22.24.100
X-Forwarded-For: 2a03:2880:f806:46::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a14664ac9d7b57b4-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:46::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--8382f967-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8382f967-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simottodesign.com"] [uri "/items/R471906458/"] [unique_id "akUwK@D-iiE84k1CU8wrbQAAAIw"]
Action: Intercepted (phase 1)
Stopwatch: 1782919211094713 3683 (- - -)
Stopwatch2: 1782919211094713 3683; combined=271, p1=215, p2=0, p3=0, p4=0, p5=55, sr=69, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8382f967-Z--
--048f6c7d-A--
[01/Jul/2026:15:20:18.316623 +0000] akUwMjAEezdFPX8dU-TPhQAAAMg 103.125.177.250 55628 172.26.37.160 7081
--048f6c7d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--048f6c7d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--048f6c7d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwMjAEezdFPX8dU-TPhQAAAMg"]
Action: Intercepted (phase 2)
Stopwatch: 1782919218313570 3122 (- - -)
Stopwatch2: 1782919218313570 3122; combined=1413, p1=303, p2=945, p3=0, p4=0, p5=108, sr=68, sw=57, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--048f6c7d-Z--
--bec7ed73-A--
[01/Jul/2026:15:20:39.967108 +0000] akUwR7h@PR-WvDm@idzdBAAAAEI 103.125.177.250 40498 172.26.37.160 7081
--bec7ed73-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 710
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--bec7ed73-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--bec7ed73-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwR7h@PR-WvDm@idzdBAAAAEI"]
Action: Intercepted (phase 2)
Stopwatch: 1782919239963247 3921 (- - -)
Stopwatch2: 1782919239963247 3921; combined=2305, p1=306, p2=1809, p3=0, p4=0, p5=123, sr=73, sw=67, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--bec7ed73-Z--
--ab14d00b-A--
[01/Jul/2026:15:20:45.589099 +0000] akUwTTAEezdFPX8dU-TPiAAAANc 120.56.213.201 53860 172.26.37.160 7081
--ab14d00b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)
--ab14d00b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ab14d00b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwTTAEezdFPX8dU-TPiAAAANc"]
Action: Intercepted (phase 2)
Stopwatch: 1782919245586010 3151 (- - -)
Stopwatch2: 1782919245586010 3151; combined=1479, p1=330, p2=960, p3=0, p4=0, p5=130, sr=84, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ab14d00b-Z--
--6a0a5257-A--
[01/Jul/2026:15:20:56.192355 +0000] akUwWDAEezdFPX8dU-TPigAAAMc 120.56.213.201 57772 172.26.37.160 7081
--6a0a5257-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--6a0a5257-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6a0a5257-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwWDAEezdFPX8dU-TPigAAAMc"]
Action: Intercepted (phase 2)
Stopwatch: 1782919256188069 9513 (- - -)
Stopwatch2: 1782919256188069 9513; combined=1723, p1=303, p2=1231, p3=0, p4=0, p5=123, sr=69, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6a0a5257-Z--
--d2063226-A--
[01/Jul/2026:15:21:48.031801 +0000] akUwjLh@PR-WvDm@idzdEgAAAEs 103.125.177.250 44334 172.26.37.160 7081
--d2063226-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--d2063226-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--d2063226-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwjLh@PR-WvDm@idzdEgAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782919308028462 3395 (- - -)
Stopwatch2: 1782919308028462 3395; combined=2237, p1=314, p2=1749, p3=0, p4=0, p5=114, sr=85, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--d2063226-Z--
--aa605054-A--
[01/Jul/2026:15:22:00.131407 +0000] akUwmLh@PR-WvDm@idzdFwAAAE8 103.125.177.250 47168 172.26.37.160 7081
--aa605054-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--aa605054-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--aa605054-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwmLh@PR-WvDm@idzdFwAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782919320126075 5393 (- - -)
Stopwatch2: 1782919320126075 5393; combined=1597, p1=321, p2=1017, p3=0, p4=0, p5=164, sr=70, sw=95, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--aa605054-Z--
--39f87c3d-A--
[01/Jul/2026:15:22:21.358254 +0000] akUwrbh@PR-WvDm@idzdIQAAAEo 120.56.213.201 34592 172.26.37.160 7081
--39f87c3d-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--39f87c3d-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--39f87c3d-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUwrbh@PR-WvDm@idzdIQAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782919341353804 4666 (- - -)
Stopwatch2: 1782919341353804 4666; combined=1518, p1=333, p2=991, p3=0, p4=0, p5=126, sr=76, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--39f87c3d-Z--
--17e3554a-A--
[01/Jul/2026:15:23:03.840599 +0000] akUw1@D-iiE84k1CU8wrlwAAAJc 120.56.213.201 38924 172.26.37.160 7081
--17e3554a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 120.56.213.201
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--17e3554a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--17e3554a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.213.201 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUw1@D-iiE84k1CU8wrlwAAAJc"]
Action: Intercepted (phase 2)
Stopwatch: 1782919383837218 3441 (- - -)
Stopwatch2: 1782919383837218 3441; combined=1615, p1=364, p2=1045, p3=0, p4=0, p5=138, sr=86, sw=68, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--17e3554a-Z--
--adcb0477-A--
[01/Jul/2026:15:23:15.090197 +0000] akUw47h@PR-WvDm@idzdMgAAAEc 103.125.177.250 60758 172.26.37.160 7081
--adcb0477-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--adcb0477-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--adcb0477-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUw47h@PR-WvDm@idzdMgAAAEc"]
Action: Intercepted (phase 2)
Stopwatch: 1782919395085101 5168 (- - -)
Stopwatch2: 1782919395085101 5168; combined=3713, p1=314, p2=3195, p3=0, p4=0, p5=133, sr=77, sw=71, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--adcb0477-Z--
--62516a61-A--
[01/Jul/2026:15:24:40.803856 +0000] akUxOLh@PR-WvDm@idzduwAAAEo 103.125.177.250 41258 172.26.37.160 7081
--62516a61-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 714
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--62516a61-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--62516a61-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUxOLh@PR-WvDm@idzduwAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782919480800069 3875 (- - -)
Stopwatch2: 1782919480800069 3875; combined=2612, p1=334, p2=2110, p3=0, p4=0, p5=108, sr=74, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--62516a61-Z--
--257b881b-A--
[01/Jul/2026:15:25:06.243412 +0000] akUxUrh@PR-WvDm@idzdxgAAAEU 103.125.177.250 41872 172.26.37.160 7081
--257b881b-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--257b881b-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--257b881b-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUxUrh@PR-WvDm@idzdxgAAAEU"]
Action: Intercepted (phase 2)
Stopwatch: 1782919506240279 3188 (- - -)
Stopwatch2: 1782919506240279 3188; combined=1529, p1=347, p2=999, p3=0, p4=0, p5=119, sr=79, sw=64, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--257b881b-Z--
--ef3ddd3a-A--
[01/Jul/2026:15:25:33.153652 +0000] akUxbeD-iiE84k1CU8wsBAAAAIA 104.22.24.211 51136 172.26.37.160 7081
--ef3ddd3a-B--
GET /products/2944631508881?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.22.24.211
X-Forwarded-For: 2a03:2880:f806:4b::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a1466c897df27d7b-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:4b::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--ef3ddd3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ef3ddd3a-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/products/2944631508881"] [unique_id "akUxbeD-iiE84k1CU8wsBAAAAIA"]
Action: Intercepted (phase 1)
Stopwatch: 1782919533152878 849 (- - -)
Stopwatch2: 1782919533152878 849; combined=240, p1=188, p2=0, p3=0, p4=0, p5=52, sr=71, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ef3ddd3a-Z--
--c270007a-A--
[01/Jul/2026:15:25:53.400990 +0000] akUxgbh@PR-WvDm@idzd3QAAAEs 103.125.177.250 48288 172.26.37.160 7081
--c270007a-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 702
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--c270007a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c270007a-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUxgbh@PR-WvDm@idzd3QAAAEs"]
Action: Intercepted (phase 2)
Stopwatch: 1782919553398361 2684 (- - -)
Stopwatch2: 1782919553398361 2684; combined=1483, p1=311, p2=968, p3=0, p4=0, p5=128, sr=74, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c270007a-Z--
--81893925-A--
[01/Jul/2026:15:26:14.934356 +0000] akUxluD-iiE84k1CU8wsEAAAAIg 103.125.177.250 46538 172.26.37.160 7081
--81893925-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--81893925-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--81893925-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUxluD-iiE84k1CU8wsEAAAAIg"]
Action: Intercepted (phase 2)
Stopwatch: 1782919574931316 3130 (- - -)
Stopwatch2: 1782919574931316 3130; combined=1874, p1=737, p2=962, p3=0, p4=0, p5=113, sr=76, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--81893925-Z--
--1ae4dc5e-A--
[01/Jul/2026:15:26:39.711076 +0000] akUxr@D-iiE84k1CU8wsFgAAAIw 164.92.168.129 49124 172.26.37.160 7081
--1ae4dc5e-B--
GET /.git/config HTTP/1.1
Host: eonhk.com
X-Real-IP: 164.92.168.129
X-Accel-Internal: /internal-nginx-static-location
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
--1ae4dc5e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Thu, 21 Nov 2024 08:13:17 GMT
ETag: "31b-62767d6b083a4"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--1ae4dc5e-H--
Message: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eonhk.com"] [uri "/.git/config"] [unique_id "akUxr@D-iiE84k1CU8wsFgAAAIw"]
Action: Intercepted (phase 1)
Stopwatch: 1782919599710258 884 (- - -)
Stopwatch2: 1782919599710258 884; combined=263, p1=195, p2=0, p3=0, p4=0, p5=67, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--1ae4dc5e-Z--
--9c4e654c-A--
[01/Jul/2026:15:26:53.814403 +0000] akUxvLh@PR-WvDm@idzeAgAAAFQ 223.17.53.207 56556 172.26.37.160 7081
--9c4e654c-B--
GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.4.81745577107 HTTP/1.1
Host: eonhk.com
X-Real-IP: 223.17.53.207
X-Accel-Internal: /internal-nginx-static-location
sec-fetch-dest: script
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_6_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Mobile/15E148 Safari/604.1
accept: */*
referer: https://eonhk.com/product-category/furniture/chair-%E6%A4%85%E5%AD%90/page/2/
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
accept-language: en-GB,en;q=0.9
priority: u=1, i
accept-encoding: gzip, deflate, br
cookie: _ga_JWZNZZ0JR8=GS2.1.s1782884154$o1$g1$t1782884358$j1$l0$h924435815; __stripe_mid=949fc21f-4882-4667-aaa4-661216d99303ae1a66; _ga=GA1.1.58858049.1782884154; woodmart_recently_viewed_products=9665|11125; _gcl_au=1.1.631034478.1782884153
--9c4e654c-F--
HTTP/1.1 200 OK
X-Accel-Version: 0.01
X-Accel-Redirect: /internal-nginx-static-location/wp-content/plugins/chaty/js/cht-front-script.min.js
Content-Length: 0
Content-Type: application/javascript
--9c4e654c-E--
--9c4e654c-H--
Message: collections_remove_stale: Failed deleting collection (name "ip", key "110.93.211.242_b675e65d3178dac6f2a26b6ca5992970940c3750"): Internal error (specific information not available)
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "110.93.211.242_b675e65d3178dac6f2a26b6ca5992970940c3750"): Internal error (specific information not available) [hostname "eonhk.com"] [uri "/wp-content/plugins/chaty/js/cht-front-script.min.js"] [unique_id "akUxvLh@PR-WvDm@idzeAgAAAFQ"]
Stopwatch: 1782919612168568 1645913 (- - -)
Stopwatch2: 1782919612168568 1645913; combined=2967379, p1=205, p2=16521, p3=39, p4=14076, p5=1468292, sr=100, sw=1, l=0, gc=1468245
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
WebApp-Info: "default" "1782884154" "-"
Engine-Mode: "ENABLED"
--9c4e654c-Z--
--91e2cd5c-A--
[01/Jul/2026:15:27:41.256584 +0000] akUx7bh@PR-WvDm@idzeMwAAAEE 103.125.177.250 60762 172.26.37.160 7081
--91e2cd5c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 713
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--91e2cd5c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--91e2cd5c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (4+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUx7bh@PR-WvDm@idzeMwAAAEE"]
Action: Intercepted (phase 2)
Stopwatch: 1782919661253449 3195 (- - -)
Stopwatch2: 1782919661253449 3195; combined=1751, p1=287, p2=1293, p3=0, p4=0, p5=111, sr=65, sw=60, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--91e2cd5c-Z--
--910caa51-A--
[01/Jul/2026:15:28:21.264714 +0000] akUyFbh@PR-WvDm@idzenQAAAFE 104.23.243.172 53964 172.26.37.160 7081
--910caa51-B--
GET /wp-sitemap.xml?lokasie=%2Fboot%2Fgrub%2Fgrub.cfg&loknya=%2Fboot%2Fgrub HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.172
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a14670a4187c2877-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--910caa51-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--910caa51-H--
Message: Access denied with code 403 (phase 2). Matched phrase "boot/grub/grub.cfg" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: boot/grub/grub.cfg found within ARGS:lokasie: /boot/grub/grub.cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "boot/grub/grub.cfg" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: boot/grub/grub.cfg found within ARGS:lokasie: /boot/grub/grub.cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUyFbh@PR-WvDm@idzenQAAAFE"]
Action: Intercepted (phase 2)
Stopwatch: 1782919701261233 3581 (- - -)
Stopwatch2: 1782919701261233 3581; combined=1430, p1=826, p2=540, p3=0, p4=0, p5=64, sr=76, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--910caa51-Z--
--7a24d516-A--
[01/Jul/2026:15:28:35.139306 +0000] akUyI7h@PR-WvDm@idzetQAAAEY 103.125.177.250 57638 172.26.37.160 7081
--7a24d516-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 704
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--7a24d516-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--7a24d516-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUyI7h@PR-WvDm@idzetQAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782919715133870 5524 (- - -)
Stopwatch2: 1782919715133870 5524; combined=3128, p1=442, p2=2043, p3=0, p4=0, p5=363, sr=87, sw=280, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--7a24d516-Z--
--41e4a00c-A--
[01/Jul/2026:15:28:56.748764 +0000] akUyOLh@PR-WvDm@idzexAAAAEM 103.125.177.250 44022 172.26.37.160 7081
--41e4a00c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 706
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--41e4a00c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--41e4a00c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUyOLh@PR-WvDm@idzexAAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782919736745558 3262 (- - -)
Stopwatch2: 1782919736745558 3262; combined=1656, p1=320, p2=1168, p3=0, p4=0, p5=109, sr=71, sw=59, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--41e4a00c-Z--
--3918b73a-A--
[01/Jul/2026:15:29:06.044291 +0000] akUyQjAEezdFPX8dU-TRFQAAAMI 104.22.56.207 53414 172.26.37.160 7081
--3918b73a-B--
GET /products/2609461496146?lokasie=/var/www/vhosts/simottodesign.com/httpdocs/.htaccess&loknya=/var/www/vhosts/simottodesign.com/httpdocs HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.22.56.207
X-Forwarded-For: 2a03:2880:f806:16::
X-Accel-Internal: /internal-nginx-static-location
accept: */*
cf-ray: a14671bc0b29c243-ATL
user-agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 2a03:2880:f806:16::
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
accept-encoding: gzip, br
--3918b73a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3918b73a-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/products/2609461496146"] [unique_id "akUyQjAEezdFPX8dU-TRFQAAAMI"]
Action: Intercepted (phase 1)
Stopwatch: 1782919746043418 956 (- - -)
Stopwatch2: 1782919746043418 956; combined=237, p1=176, p2=0, p3=0, p4=0, p5=60, sr=64, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3918b73a-Z--
--e7cfc71e-A--
[01/Jul/2026:15:30:20.274522 +0000] akUyjDAEezdFPX8dU-TRTgAAANU 104.23.243.172 33198 172.26.37.160 7081
--e7cfc71e-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Fmodules&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.172
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a146738bffc052f1-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e7cfc71e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e7cfc71e-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fmodules&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fmodules&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUyjDAEezdFPX8dU-TRTgAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782919820272365 2229 (- - -)
Stopwatch2: 1782919820272365 2229; combined=864, p1=710, p2=86, p3=0, p4=0, p5=67, sr=469, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e7cfc71e-Z--
--9ae81079-A--
[01/Jul/2026:15:30:55.820510 +0000] akUyrzAEezdFPX8dU-TRYgAAAMQ 103.125.177.250 38942 172.26.37.160 7081
--9ae81079-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 711
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--9ae81079-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9ae81079-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (0+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUyrzAEezdFPX8dU-TRYgAAAMQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782919855816404 4170 (- - -)
Stopwatch2: 1782919855816404 4170; combined=2734, p1=1190, p2=1333, p3=0, p4=0, p5=145, sr=89, sw=66, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9ae81079-Z--
--9134044e-A--
[01/Jul/2026:15:31:29.763812 +0000] akUy0TAEezdFPX8dU-TRcAAAAME 104.23.243.172 50534 172.26.37.160 7081
--9134044e-B--
GET /wp-sitemap.xml?lokasie=%2Fproc%2Fcpuinfo&loknya=%2Fproc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.172
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a146753e3c49c6f8-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--9134044e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--9134044e-H--
Message: Access denied with code 403 (phase 2). Matched phrase "proc/cpuinfo" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: proc/cpuinfo found within ARGS:lokasie: /proc/cpuinfo"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "proc/cpuinfo" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: proc/cpuinfo found within ARGS:lokasie: /proc/cpuinfo"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUy0TAEezdFPX8dU-TRcAAAAME"]
Action: Intercepted (phase 2)
Stopwatch: 1782919889758772 6102 (- - -)
Stopwatch2: 1782919889758772 6102; combined=1093, p1=307, p2=703, p3=0, p4=0, p5=82, sr=62, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--9134044e-Z--
--91158e73-A--
[01/Jul/2026:15:32:00.553184 +0000] akUy8Lh@PR-WvDm@idzfOwAAAEM 103.125.177.250 57960 172.26.37.160 7081
--91158e73-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--91158e73-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--91158e73-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUy8Lh@PR-WvDm@idzfOwAAAEM"]
Action: Intercepted (phase 2)
Stopwatch: 1782919920549341 3900 (- - -)
Stopwatch2: 1782919920549341 3900; combined=2507, p1=368, p2=1914, p3=0, p4=0, p5=145, sr=95, sw=80, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--91158e73-Z--
--e476a371-A--
[01/Jul/2026:15:32:22.465181 +0000] akUzBrh@PR-WvDm@idzfRAAAAE8 103.125.177.250 56316 172.26.37.160 7081
--e476a371-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 709
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--e476a371-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e476a371-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUzBrh@PR-WvDm@idzfRAAAAE8"]
Action: Intercepted (phase 2)
Stopwatch: 1782919942461685 3551 (- - -)
Stopwatch2: 1782919942461685 3551; combined=2392, p1=327, p2=1890, p3=0, p4=0, p5=113, sr=74, sw=62, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e476a371-Z--
--894f2411-A--
[01/Jul/2026:15:33:16.409204 +0000] akUzPLh@PR-WvDm@idzfUAAAAE4 103.125.177.250 42574 172.26.37.160 7081
--894f2411-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 703
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: WordPress.com; https://wordpress.com
--894f2411-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--894f2411-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (2+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUzPLh@PR-WvDm@idzfUAAAAE4"]
Action: Intercepted (phase 2)
Stopwatch: 1782919996406126 3182 (- - -)
Stopwatch2: 1782919996406126 3182; combined=1947, p1=344, p2=1383, p3=0, p4=0, p5=144, sr=79, sw=76, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--894f2411-Z--
--a1f8fd65-A--
[01/Jul/2026:15:33:37.928525 +0000] akUzUTAEezdFPX8dU-TRpAAAANU 103.125.177.250 49258 172.26.37.160 7081
--a1f8fd65-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 705
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--a1f8fd65-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--a1f8fd65-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUzUTAEezdFPX8dU-TRpAAAANU"]
Action: Intercepted (phase 2)
Stopwatch: 1782920017924904 3682 (- - -)
Stopwatch2: 1782920017924904 3682; combined=2406, p1=339, p2=1899, p3=0, p4=0, p5=110, sr=74, sw=58, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--a1f8fd65-Z--
--39f20f6c-A--
[01/Jul/2026:15:34:53.589897 +0000] akUznbh@PR-WvDm@idzfZwAAAEo 103.125.177.250 35398 172.26.37.160 7081
--39f20f6c-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 708
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--39f20f6c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--39f20f6c-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (1+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUznbh@PR-WvDm@idzfZwAAAEo"]
Action: Intercepted (phase 2)
Stopwatch: 1782920093587087 2879 (- - -)
Stopwatch2: 1782920093587087 2879; combined=1708, p1=331, p2=1216, p3=0, p4=0, p5=105, sr=79, sw=56, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--39f20f6c-Z--
--e8dac128-A--
[01/Jul/2026:15:36:09.307327 +0000] akUz6TAEezdFPX8dU-TR1QAAAM4 103.125.177.250 47442 172.26.37.160 7081
--e8dac128-B--
POST /xmlrpc.php HTTP/1.1
Host: avmhk.com
X-Real-IP: 103.125.177.250
X-Accel-Internal: /internal-nginx-static-location
Content-Length: 707
Content-Type: text/xml; charset=utf-8
Accept: */*
Accept-Language: en-US
User-Agent: Jetpack by WordPress.com
--e8dac128-F--
HTTP/1.1 403 Forbidden
Last-Modified: Mon, 17 Oct 2022 11:09:10 GMT
ETag: "31b-5eb390140ed72"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e8dac128-H--
Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.177.250 (3+1 hits since last alert)|avmhk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avmhk.com"] [uri "/xmlrpc.php"] [unique_id "akUz6TAEezdFPX8dU-TR1QAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782920169304178 3845 (- - -)
Stopwatch2: 1782920169304178 3845; combined=1557, p1=340, p2=1009, p3=0, p4=0, p5=139, sr=76, sw=69, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e8dac128-Z--
--8901d026-A--
[01/Jul/2026:15:36:14.380473 +0000] akUz7rh@PR-WvDm@idzfiwAAAFg 162.159.115.19 33920 172.26.37.160 7081
--8901d026-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Fhosts.allow&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467c311873c77b-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--8901d026-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--8901d026-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fhosts.allow&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fhosts.allow&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUz7rh@PR-WvDm@idzfiwAAAFg"]
Action: Intercepted (phase 2)
Stopwatch: 1782920174378900 1642 (- - -)
Stopwatch2: 1782920174378900 1642; combined=466, p1=335, p2=81, p3=0, p4=0, p5=49, sr=65, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--8901d026-Z--
--e9be2426-A--
[01/Jul/2026:15:36:17.538727 +0000] akUz8TAEezdFPX8dU-TR3wAAAMU 162.159.115.19 33976 172.26.37.160 7081
--e9be2426-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fbak%2Fwp-admin__57d57c5%2F.htaccess&loknya=%2Fvar%2Fwww%2Fvhosts%2Fsimottodesign.com%2Fbak%2Fwp-admin__57d57c5 HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467c44dec6b1bb-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--e9be2426-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--e9be2426-H--
Message: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUz8TAEezdFPX8dU-TR3wAAAMU"]
Action: Intercepted (phase 1)
Stopwatch: 1782920177537965 838 (- - -)
Stopwatch2: 1782920177537965 838; combined=249, p1=194, p2=0, p3=0, p4=0, p5=54, sr=72, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--e9be2426-Z--
--ab147526-A--
[01/Jul/2026:15:36:20.511367 +0000] akUz9CRaK0UK-bvS7lwidAAAAAs 162.159.115.19 34162 172.26.37.160 7081
--ab147526-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Fscreenrc&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467c574a42b1bb-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ab147526-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ab147526-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fscreenrc&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fscreenrc&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUz9CRaK0UK-bvS7lwidAAAAAs"]
Action: Intercepted (phase 2)
Stopwatch: 1782920180485462 25981 (- - -)
Stopwatch2: 1782920180485462 25981; combined=24239, p1=24105, p2=82, p3=0, p4=0, p5=52, sr=23364, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ab147526-Z--
--0a74b85e-A--
[01/Jul/2026:15:36:21.272351 +0000] akUz9SRaK0UK-bvS7lwidwAAABQ 162.159.115.19 34206 172.26.37.160 7081
--0a74b85e-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Flog%2Fmaillog.processed&loknya=%2Fvar%2Flog HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467c5c2bd6b1bb-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--0a74b85e-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--0a74b85e-H--
Message: Access denied with code 403 (phase 2). Matched phrase "var/log/maillog" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: var/log/maillog found within ARGS:lokasie: /var/log/maillog.processed"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "var/log/maillog" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: var/log/maillog found within ARGS:lokasie: /var/log/maillog.processed"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUz9SRaK0UK-bvS7lwidwAAABQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782920181269569 4226 (- - -)
Stopwatch2: 1782920181269569 4226; combined=844, p1=295, p2=494, p3=0, p4=0, p5=54, sr=67, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--0a74b85e-Z--
--587d5f3a-A--
[01/Jul/2026:15:36:22.296707 +0000] akUz9jAEezdFPX8dU-TR5wAAANg 162.159.115.19 34268 172.26.37.160 7081
--587d5f3a-B--
GET /wp-sitemap.xml?lokasie=%2Fvar%2Flog%2Fauth.log.1&loknya=%2Fvar%2Flog HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467c629819b1bb-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--587d5f3a-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--587d5f3a-H--
Message: Access denied with code 403 (phase 2). Matched phrase "var/log/auth.log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:lokasie: /var/log/auth.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "var/log/auth.log" at ARGS:lokasie. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:lokasie: /var/log/auth.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUz9jAEezdFPX8dU-TR5wAAANg"]
Action: Intercepted (phase 2)
Stopwatch: 1782920182293070 7555 (- - -)
Stopwatch2: 1782920182293070 7555; combined=1405, p1=295, p2=1056, p3=0, p4=0, p5=53, sr=60, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--587d5f3a-Z--
--3b5fea55-A--
[01/Jul/2026:15:36:23.349843 +0000] akUz97h@PR-WvDm@idzflAAAAEY 162.159.115.19 34380 172.26.37.160 7081
--3b5fea55-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Fshadow-&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467c692cfbb1bb-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--3b5fea55-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--3b5fea55-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fshadow-&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fshadow-&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUz97h@PR-WvDm@idzflAAAAEY"]
Action: Intercepted (phase 2)
Stopwatch: 1782920183346197 5003 (- - -)
Stopwatch2: 1782920183346197 5003; combined=439, p1=282, p2=78, p3=0, p4=0, p5=78, sr=62, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--3b5fea55-Z--
--ca0dce5f-A--
[01/Jul/2026:15:36:23.542090 +0000] akUz97h@PR-WvDm@idzflgAAAFA 162.159.115.19 34404 172.26.37.160 7081
--ca0dce5f-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Ffstab&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 162.159.115.19
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467c6a5f5bb1bb-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--ca0dce5f-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--ca0dce5f-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Ffstab&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Ffstab&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akUz97h@PR-WvDm@idzflgAAAFA"]
Action: Intercepted (phase 2)
Stopwatch: 1782920183538152 5254 (- - -)
Stopwatch2: 1782920183538152 5254; combined=839, p1=289, p2=484, p3=0, p4=0, p5=65, sr=66, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--ca0dce5f-Z--
--6c5f714c-A--
[01/Jul/2026:15:36:46.858978 +0000] akU0DjAEezdFPX8dU-TR8gAAANQ 104.23.243.32 51364 172.26.37.160 7081
--6c5f714c-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Frmt&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.32
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467cfc1b5fb1bb-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--6c5f714c-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--6c5f714c-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Frmt&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Frmt&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akU0DjAEezdFPX8dU-TR8gAAANQ"]
Action: Intercepted (phase 2)
Stopwatch: 1782920206856997 2106 (- - -)
Stopwatch2: 1782920206856997 2106; combined=454, p1=287, p2=94, p3=0, p4=0, p5=72, sr=68, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--6c5f714c-Z--
--c59b8435-A--
[01/Jul/2026:15:36:57.874820 +0000] akU0GTAEezdFPX8dU-TR@wAAAM4 104.23.243.226 41820 172.26.37.160 7081
--c59b8435-B--
GET /wp-sitemap.xml?lokasie=%2Fetc%2Fshadow&loknya=%2Fetc HTTP/1.1
Host: www.simottodesign.com
X-Real-IP: 104.23.243.226
X-Forwarded-For: 216.73.217.31
X-Accel-Internal: /internal-nginx-static-location
cf-ray: a1467d40fee1a23e-CMH
accept: */*
accept-encoding: gzip, br
user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
cdn-loop: cloudflare; loops=1
cf-connecting-ip: 216.73.217.31
cf-ipcountry: US
cf-visitor: {"scheme":"https"}
x-forwarded-proto: https
--c59b8435-F--
HTTP/1.1 403 Forbidden
Last-Modified: Tue, 03 Dec 2024 02:54:57 GMT
ETag: "31b-62854ca5b6e01"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html
--c59b8435-H--
Message: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fshadow&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.simottodesign.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-sitemap.xml?lokasie=%2Fetc%2Fshadow&loknya=%2Fetc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.simottodesign.com"] [uri "/wp-sitemap.xml"] [unique_id "akU0GTAEezdFPX8dU-TR@wAAAM4"]
Action: Intercepted (phase 2)
Stopwatch: 1782920217872433 2482 (- - -)
Stopwatch2: 1782920217872433 2482; combined=439, p1=302, p2=81, p3=0, p4=0, p5=56, sr=67, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"
--c59b8435-Z--