๐ช๐ธ
librebit
2026-07-13 19:22:23
(1 day ago)
Brute force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-22 20:12:44
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 16:12:40.184569 2026] [security2:error] [pid 15799:tid 15799] [client 130.49.9.96:23123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sahinozalit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sahinozalit.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahC4uCoTirQXMjHzLRyt9QAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-06 09:44:18
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 05:44:10.528884 2026] [security2:error] [pid 4779:tid 4779] [client 130.49.9.96:12269] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riverflow.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riverflow.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afsNalli3M8B-6uZFXMiqAAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-26 08:30:50
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 04:30:43.394201 2026] [security2:error] [pid 27242:tid 27242] [client 130.49.9.96:34047] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||crowleywoodworking.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "crowleywoodworking.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae3NM9PoXdzm0a5sZgXx-AAAAA4"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
ptlab
2026-04-21 00:55:22
(2 months ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐ฆ๐บ
oncord
2026-04-19 03:51:59
(2 months ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2026-04-18 07:06:09
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 03:06:03.973017 2026] [security2:error] [pid 2883296:tid 2883386] [client 130.49.9.96:10457] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||usu.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "usu.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aeMtW1G3pExirM5FYJEzdgAAAgQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-04-17 11:44:56
(2 months ago)
WordPress login attempt
Brute-Force
Anonymous
2026-04-14 01:04:20
(3 months ago)
FPROCO WEBEXPLOIT 130.49.9.96 (130.49.9.96)
Web App Attack
Anonymous
2026-04-06 03:21:25
(3 months ago)
Forum/form spam
Web Spam
๐ฎ๐น
VHosting
2026-03-26 19:57:35
(3 months ago)
Detected attack and reported by a human
Brute-Force
Web App Attack
SSH
DDoS Attack
Exploited Host
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-11-15 17:23:17
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210350) triggered by 130.49.9.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 12:23:12.149480 2025] [security2:error] [pid 28924:tid 28927] [client 130.49.9.96:22539] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||rockabyecotons.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "rockabyecotons.com"] [uri "/"] [unique_id "aRi3AKBeRt8vlYNUJhGMJQAAAME"]
show less
Brute-Force
Bad Web Bot
Web App Attack