Anonymous
2026-06-11 16:48:41
(1 month ago)
PARMACOM WEBEXPLOIT 130.49.10.122 (130.49.10.122)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 01:47:45
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 21:47:37.858240 2026] [security2:error] [pid 4796:tid 4796] [client 130.49.10.122:43679] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||norinpaco.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "norinpaco.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiN8Oa1CLjoeXcxAyEwjZQAAAA4"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
UlrikeLG
2026-06-02 18:15:00
(1 month ago)
[wordpress] unauthorised access attempts via wp_xmlrpc
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-01 19:05:21
(1 month ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 11:54:34
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 07:54:31.277317 2026] [security2:error] [pid 29461:tid 29461] [client 130.49.10.122:30683] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pwilts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pwilts.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahWJ95Jr3YtiXz2ozRu_kAAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-21 01:12:23
(1 month ago)
PARMACOM WEBEXPLOIT 130.49.10.122 (130.49.10.122)
Web App Attack
Anonymous
2026-05-19 06:55:46
(1 month ago)
Web App Attack
Brute-Force
Web App Attack
๐บ๐ธ
ambor
2026-05-18 21:07:10
(1 month ago)
Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: ...
show more
Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-12 23:27:04
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 19:26:55.815602 2026] [security2:error] [pid 14850:tid 14850] [client 130.49.10.122:17169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||geriterry.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "geriterry.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agO3PxwX9n4DRPto_rJOpgAAABQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-10 03:21:43
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 23:21:38.820987 2026] [security2:error] [pid 4247:tid 4247] [client 130.49.10.122:28935] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wplusw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wplusw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "af_5wkHAEPNS3L_n-VGMJwAAAAk"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-30 17:58:28
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.10.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 13:58:24.568210 2026] [security2:error] [pid 23405:tid 23405] [client 130.49.10.122:54201] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jolankagroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afOYQGI1C-tfL7jeAolFoAAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack