๐ซ๐ท
Tilellit.PRO
2026-07-14 01:39:56
(1 day ago)
WP Armour Plugin detection
Web Spam
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-10 10:19:25
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 06:19:18.286537 2026] [security2:error] [pid 13587:tid 13587] [client 130.49.76.92:59869] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||beckomberga.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "beckomberga.org"] [uri "/wp-json/wp/v2/users"] [unique_id "alDHJohKKXJ0UfDmM2bBuAAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 11:36:10
(2 weeks ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-26 01:43:19
(2 weeks ago)
[Fri Jun 26 11:43:18.883451 2026] [security2:error] [pid 604156] [client 130.49.76.92:26369] [client ...
show more
[Fri Jun 26 11:43:18.883451 2026] [security2:error] [pid 604156] [client 130.49.76.92:26369] [client 130.49.76.92] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/xmlrpc.php"] [unique_id "aj3ZNgegtY-KiZsVnHoSYQAAAAU"]
...
show less
Web App Attack
๐จ๐ฟ
ptlab
2026-06-25 16:45:07
(2 weeks ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 09:50:49
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:50:42.974185 2026] [security2:error] [pid 31237:tid 31237] [client 130.49.76.92:24165] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||poltorak.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "poltorak.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajZicmOJWkal6hK8qJOS2gAAABc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-01 19:19:09
(1 month ago)
Web password guessing
Brute-Force
๐น๐ผ
kk_it_man
2026-05-27 03:00:30
(1 month ago)
Hacking
๐บ๐ธ
kosada.com
2026-05-21 15:32:51
(1 month ago)
Web password guessing
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-21 14:57:10
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 10:57:05.159324 2026] [security2:error] [pid 2916:tid 2916] [client 130.49.76.92:13779] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||coroneta.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coroneta.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag8dQRZUPuPoaZywk2mYowAAACY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 02:02:32
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.76.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 22:02:25.609702 2026] [security2:error] [pid 31876:tid 31876] [client 130.49.76.92:61563] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||toody.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "toody.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag5nseTe2HkLoyeL6W7T3AAAACM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-05-14 19:53:18
(2 months ago)
WordPress login attempt
Brute-Force
๐ท๐ด
Fn4ticHz
2026-05-10 12:22:33
(2 months ago)
Repeated DDoS targeted -- ZeroGuard X ManagedSRV
DDoS Attack
Exploited Host
๐ฎ๐น
VHosting
2026-03-26 20:33:59
(3 months ago)
Detected attack and reported by a human
Brute-Force
Web App Attack
SSH
DDoS Attack
Exploited Host
Bad Web Bot