๐ช๐ธ
librebit
2026-06-18 14:54:29
(2 weeks ago)
Brute force
Brute-Force
๐ฉ๐ช
UlrikeLG
2026-06-02 18:10:00
(1 month ago)
[wordpress] unauthorised access attempts via wp_xmlrpc
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-29 17:46:12
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 13:46:08.605452 2026] [security2:error] [pid 23284:tid 23284] [client 130.49.78.97:33935] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.cynosure.email.pluralmatrix.net|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cynosure.email.pluralmatrix.net"] [uri "/s3cmd.ini"] [unique_id "afJD4OEcXmApF_Jw7aCFswAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-29 04:20:36
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 00:20:31.784620 2026] [security2:error] [pid 21574:tid 21574] [client 130.49.78.97:28169] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.fables4teenagers.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fables4teenagers.com"] [uri "/s3cmd.ini"] [unique_id "afGHD1jQYqiANMiBCdPzRgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-26 13:51:49
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 09:51:44.548254 2026] [security2:error] [pid 17502:tid 17502] [client 130.49.78.97:62317] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.echandi.navarrete.ws|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.echandi.navarrete.ws"] [uri "/s3cmd.ini"] [unique_id "ae4YcMrzxtHXfNYKBMMeFgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
kjaerulff
2026-03-11 15:01:15
(3 months ago)
Failed Wordpress login using wp-login.php
Web App Attack
๐บ๐ธ
Psycho Solutions LLC
2026-03-04 02:44:55
(4 months ago)
Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N ...
show more
Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N/A - Timestamp: 3/4/2026 2:44 am (UTC-6)
show less
Web App Attack
Bad Web Bot
Web Spam
Hacking
๐ง๐ช
voormedia
2026-03-03 21:31:40
(4 months ago)
Accessed trap at '/wp-login.php'
Web App Attack
๐บ๐ธ
octageeks.com
2025-10-26 04:07:57
(8 months ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-24 05:18:27
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 01:18:23.971039 2025] [security2:error] [pid 15951:tid 15951] [client 130.49.78.97:51321] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||maffiniandbearce.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maffiniandbearce.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPsMHwvmzCf9C6XkoUllIQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-24 00:55:47
(8 months ago)
wordpress-trap
Web App Attack
๐บ๐ธ
mind5t0rm
2025-10-23 10:08:32
(8 months ago)
(WPLOGIN) WP Login Attack 130.49.78.97 (-): 3 in the last 3600 secs; Ports: *; Direction: inout; Tri ...
show more
(WPLOGIN) WP Login Attack 130.49.78.97 (-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 130.49.78.97 - - [23/Oct/2025:17:08:19 +0700] "GET /wp-login.php HTTP/1.1" 200 2420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
130.49.78.97 - - [23/Oct/2025:17:08:24 +0700] "GET /wp-login.php HTTP/1.1" 200 2420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
130.49.78.97 - - [23/Oct/2025:17:08:28 +0700] "POST /wp-login.php HTTP/1.1" 200 2573 "https://convercon.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2025-10-21 11:50:22
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 21 07:50:16.448605 2025] [security2:error] [pid 16021:tid 16021] [client 130.49.78.97:10663] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kawkacevents.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kawkacevents.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPdzeJpKvTLlRcg_pq7QUQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ne1for23
2025-10-20 20:14:32
(8 months ago)
130.49.78.97 - - [20/Oct/2025:20:14:26 +0000] "GET /wp-login.php HTTP/1.1" 403 555 "-" "Mozilla/5.0 ...
show more
130.49.78.97 - - [20/Oct/2025:20:14:26 +0000] "GET /wp-login.php HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-19 12:56:57
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.78.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 19 08:56:53.679375 2025] [security2:error] [pid 11466:tid 11466] [client 130.49.78.97:41299] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wave94.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wave94.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPTgFTV01Aa1AI4lhqNklAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack