πΊπΈ
TPI-Abuse
2026-07-07 18:00:23
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:00:19.502092 2026] [security2:error] [pid 15203:tid 15203] [client 87.116.181.34:48056] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|hawaiivacations.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hawaiivacations.com"] [uri "/xmlrpc.php"] [unique_id "ak0-s0y7MCcXuoPyfzwljQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-07 17:56:37
(5 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 17:28:03
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:27:54.322880 2026] [security2:error] [pid 29634:tid 29634] [client 87.116.181.34:47984] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|talkingmess.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talkingmess.com"] [uri "/xmlrpc.php"] [unique_id "ak03Gmb5JC4qw9e8pUTFWwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 09:48:59
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 05:48:54.657458 2026] [security2:error] [pid 24696:tid 24696] [client 87.116.181.34:47895] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|nearfieldchrist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nearfieldchrist.com"] [uri "/xmlrpc.php"] [unique_id "akt6Bilwm-iHXETqktiDWgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 03:59:40
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 23:59:36.039976 2026] [security2:error] [pid 28578:tid 28578] [client 87.116.181.34:48117] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|idmadventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "idmadventures.com"] [uri "/xmlrpc.php"] [unique_id "aksoKIvT5gQP5cE7GhBH-wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
WeekendWeb
2026-07-06 03:57:50
(1 day ago)
Wordpress Vunerability attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 00:56:13
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 20:56:06.056518 2026] [security2:error] [pid 16101:tid 16101] [client 87.116.181.34:44563] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|cmcnow.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cmcnow.com"] [uri "/xmlrpc.php"] [unique_id "akr9JjFR12NIdqz0nDIZDwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-05 03:31:02
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 03:03:04
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 23:02:56.961445 2026] [security2:error] [pid 32179:tid 32179] [client 87.116.181.34:48072] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|thebrotherhoodlounge.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thebrotherhoodlounge.com"] [uri "/xmlrpc.php"] [unique_id "aknJYH46MXXKCmZUTYJX4gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 02:01:04
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 22:00:58.294274 2026] [security2:error] [pid 30085:tid 30095] [client 87.116.181.34:42860] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|hearthandhomestudio.art|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hearthandhomestudio.art"] [uri "/xmlrpc.php"] [unique_id "akm62jvNeyP1fZDRUSWdXAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 23:27:15
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 19:27:10.586306 2026] [security2:error] [pid 19667:tid 19667] [client 87.116.181.34:47961] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|fetchamreadingroom.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fetchamreadingroom.org"] [uri "/xmlrpc.php"] [unique_id "akmWzg4cAAMy9aTWP4BPPwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-07-04 22:23:56
(3 days ago)
(wordpress) Failed wordpress login from 87.116.181.34 (RS/Serbia/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-04 20:13:31
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 16:13:24.274642 2026] [security2:error] [pid 7705:tid 7705] [client 87.116.181.34:42822] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|mavikalem.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mavikalem.org"] [uri "/xmlrpc.php"] [unique_id "aklpZFs7Z04iCG475uw1iAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 18:37:44
(3 days ago)
87.116.181.34 - - [04/Jul/2026:20:37:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.co ...
show more
87.116.181.34 - - [04/Jul/2026:20:37:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com"
87.116.181.34 - - [04/Jul/2026:20:37:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com"
87.116.181.34 - - [04/Jul/2026:20:37:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
87.116.181.34 - - [04/Jul/2026:20:37:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
87.116.181.34 - - [04/Jul/2026:20:37:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
...
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 08:10:40
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 87.116.181.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:10:36.306868 2026] [security2:error] [pid 15704:tid 15704] [client 87.116.181.34:14745] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 87.116.181.34 (+1 hits since last alert)|boaredraven.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "boaredraven.com"] [uri "/xmlrpc.php"] [unique_id "akTLfAFY7e4dI-AwCb7mbgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack