๐ฌ๐ง
Axel
2026-07-04 04:20:02
(1 hour ago)
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulner ...
show more
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||catboy.host|F|2 Phase: 2 Severity: CRITICAL URI: /wp-json/wp/v2/users Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-04 02:27:51
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:27:47.612735 2026] [security2:error] [pid 10183:tid 10183] [client 103.210.121.29:38998] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||calvaryadminservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "calvaryadminservices.com"] [uri "/wp-json/wp/v2/users/6"] [unique_id "akhvozIK_vzhDAQFzyBNcAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
CollideTech
2026-07-04 02:14:29
(3 hours ago)
probing for vulnerabilities
Web App Attack
๐บ๐ธ
xxkodedxx
2026-07-04 01:01:47
(4 hours ago)
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10 ...
show more
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10m window.
Origin: ID / AS134658 PT JULIA MULTIMEDIA NUSANTARA
Active: 01:01:35 UTC
Volume: 1 HTTP req
Probed: /?author=1
Status mix: 444ร1
Vhost fishing: cards.zvxlabs.com
UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐จ๐ฆ
SoteriaCovenant
2026-07-04 00:45:02
(4 hours ago)
Automated probe: /wp-json/wp/v2/users on Soteria Global infrastructure. No vulnerable software prese ...
show more
Automated probe: /wp-json/wp/v2/users on Soteria Global infrastructure. No vulnerable software present.
show less
Web App Attack
Anonymous
2026-07-03 22:00:24
(7 hours ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 20:43:03
(8 hours ago)
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:42:57.582680 2026] [security2:error] [pid 13147:tid 13147] [client 103.210.121.29:51060] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||birdlovesfish.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "birdlovesfish.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akge0aQUZdyRIj8rSoBl4AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 20:02:33
(9 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฎ๐น
abuseiphack
2026-07-03 19:54:36
(9 hours ago)
Automatic report for brute force attack
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-03 19:50:12
(9 hours ago)
balcomberetreat.com.au:443 103.210.121.29 - - [04/Jul/2026:05:50:11 +1000] "GET /?author=4 HTTP/1.1" ...
show more
balcomberetreat.com.au:443 103.210.121.29 - - [04/Jul/2026:05:50:11 +1000] "GET /?author=4 HTTP/1.1" 404 3802 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-07-03 18:52:37
(10 hours ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPr ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPress user enumeration). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:59:33
(11 hours ago)
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:59:25.890655 2026] [security2:error] [pid 32002:tid 32002] [client 103.210.121.29:45760] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||speedysremodeling.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "speedysremodeling.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akf4fQGQfGBKchrQDF41BAAAADE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-03 16:05:05
(13 hours ago)
Abuse Detected (10)
Brute-Force
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-03 11:01:44
(18 hours ago)
rjryanpartners.com.au:443 103.210.121.29 - - [03/Jul/2026:21:01:42 +1000] "GET /?author=1&feed=rss2 ...
show more
rjryanpartners.com.au:443 103.210.121.29 - - [03/Jul/2026:21:01:42 +1000] "GET /?author=1&feed=rss2 HTTP/1.1" 404 3803 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 09:38:24
(19 hours ago)
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 103.210.121.29 (29.121.jnetwork.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 05:38:16.451187 2026] [security2:error] [pid 21511:tid 21511] [client 103.210.121.29:56154] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||restest.rayeliotschwartz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "restest.rayeliotschwartz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeDCNWlsDMLJ38AvCCjbgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack