πΊπΈ
lostswordfish.com
2026-06-22 12:40:08
(6 days ago)
Wordfence waf block on fairregistry
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 10:30:42
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 06:30:36.245279 2026] [security2:error] [pid 18439:tid 18439] [client 187.87.152.79:18444] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 187.87.152.79 (+1 hits since last alert)|desdier.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desdier.com"] [uri "/xmlrpc.php"] [unique_id "ajkOzPRuCfjmYZ0LdXLVogAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-20 21:54:49
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:54:45.551544 2026] [security2:error] [pid 11270:tid 11270] [client 187.87.152.79:20812] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 187.87.152.79 (+1 hits since last alert)|caddydad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caddydad.com"] [uri "/xmlrpc.php"] [unique_id "ajcMJUxmMyZ_roT4gX2CDQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-20 20:12:28
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 16:12:22.389151 2026] [security2:error] [pid 3547:tid 3547] [client 187.87.152.79:20509] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 187.87.152.79 (+1 hits since last alert)|lumentravel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lumentravel.com"] [uri "/xmlrpc.php"] [unique_id "ajb0JoUqZSSD1aEpEUjPkQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π±π»
garmtech.com
2026-06-20 19:05:38
(1 week ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-18 18:14:28
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 14:14:21.889569 2026] [security2:error] [pid 19607:tid 19607] [client 187.87.152.79:18143] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 187.87.152.79 (+1 hits since last alert)|stellabluesales.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stellabluesales.com"] [uri "/xmlrpc.php"] [unique_id "ajQ1fXpWvL1sdMGSrEgVgAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-02 18:40:23
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 14:40:17.773702 2026] [security2:error] [pid 25262:tid 25262] [client 187.87.152.79:20476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 187.87.152.79 (+1 hits since last alert)|theyoungstrategist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theyoungstrategist.com"] [uri "/xmlrpc.php"] [unique_id "ah8jkeozpfz5OqjXaheWEwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 20:50:34
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 187.87.152.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:50:27.232444 2026] [security2:error] [pid 7140:tid 7140] [client 187.87.152.79:17355] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 187.87.152.79 (+1 hits since last alert)|athletefirst.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "athletefirst.org"] [uri "/xmlrpc.php"] [unique_id "ah3wkyRbVqar4mRbr6v6jAAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack