π©πͺ
ghostwarriors
2026-07-16 22:21:50
(17 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ghostwarriors
2026-07-12 18:50:13
(4 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 18:24:47
(4 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-12 17:58:13
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 13:57:57.398157 2026] [security2:error] [pid 21548:tid 21548] [client 103.87.192.49:7430] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.87.192.49 (+1 hits since last alert)|meganmurph.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "meganmurph.com"] [uri "/xmlrpc.php"] [unique_id "alPVpaETHODTFhBXSPmN0QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 17:35:11
(4 days ago)
Bad Web Bot
Web App Attack
π«π·
bigorre.org
2026-07-10 16:39:31
(6 days ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
πΊπΈ
kosada.com
2026-07-09 22:47:45
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-20 13:12:53
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 09:12:37.609811 2026] [security2:error] [pid 5476:tid 5507] [client 103.87.192.49:53779] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.87.192.49 (+1 hits since last alert)|woodamy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "woodamy.com"] [uri "/xmlrpc.php"] [unique_id "ajaRxZVWREQJ8_Hpxx7xZAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-18 17:15:54
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 13:15:38.750281 2026] [security2:error] [pid 20049:tid 20049] [client 103.87.192.49:55803] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.87.192.49 (+1 hits since last alert)|motherlyhomecare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "motherlyhomecare.com"] [uri "/xmlrpc.php"] [unique_id "ajQnujl1zy2Xt6STwdQH3AAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-18 16:17:16
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 12:16:59.538909 2026] [security2:error] [pid 30901:tid 30901] [client 103.87.192.49:53826] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.87.192.49 (+1 hits since last alert)|pharmaceuticalsalescareerhub.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescareerhub.com"] [uri "/xmlrpc.php"] [unique_id "ajQZ-3aWnY-Fs9ljbK029gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-17 19:04:21
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.87.192.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 15:04:05.801675 2026] [security2:error] [pid 7474:tid 7484] [client 103.87.192.49:57484] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.87.192.49 (+1 hits since last alert)|nabsci.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nabsci.com"] [uri "/xmlrpc.php"] [unique_id "ajLvpcye4KMCjDjuZhSMQAAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack