JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.29.69.0

120.29.69.0 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 48%: ?

48%

ISP	ComClark Network & Technology Corp
Usage Type	Fixed Line ISP
ASN	AS17639
Hostname(s)	0.69.29.120-rev.convergeict.com
Domain Name	comclark.com
Country	🇵🇭 Philippines
City	Angeles City, Central Luzon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.29.69.0

Whois 120.29.69.0

IP Abuse Reports for 120.29.69.0:

This IP address has been reported a total of 31 times from 20 distinct sources. 120.29.69.0 was first reported on May 18th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-06-14 14:21:45 (1 day ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 120.29.69.0 (PH/Philippines/0.69.29 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 120.29.69.0 (PH/Philippines/0.69.29.120-rev.convergeict.com): 1 in the last 3600 secs show less	Web App Attack
🇫🇷 Kenshin869	2026-06-14 13:08:46 (1 day ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 12:49:05 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): ... show more (mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:48:57.995228 2026] [security2:error] [pid 10344:tid 10344] [client 120.29.69.0:13613] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sacoriverjazz.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sacoriverjazz.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ai6jOSEVg5CdyK3EXfkKNgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-09 08:56:33 (1 week ago)	Wordpress Vunerability attack	Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 0aa675a2-592f-4403-b47a-49bf1ef0abf7	DDoS Attack
🇩🇪 stinpriza	2026-05-25 08:10:42 (3 weeks ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 05:39:08 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): ... show more (mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 01:39:02.982976 2026] [security2:error] [pid 30152:tid 30152] [client 120.29.69.0:1220] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|goldcountrygermanamericanclub.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "goldcountrygermanamericanclub.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ahPgdjOUZ1PQdQz3U1FrGgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 13:55:48 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): ... show more (mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 09:55:42.650593 2026] [security2:error] [pid 26905:tid 26911] [client 120.29.69.0:13046] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sparkhypnotherapy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sparkhypnotherapy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahMDXnPWHr7eUZtnwOIVVAAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2026-05-20 04:06:30 (3 weeks ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 06:51:58 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): ... show more (mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 02:51:54.689270 2026] [security2:error] [pid 9742:tid 9742] [client 120.29.69.0:5811] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|indiahouseportland.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "indiahouseportland.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agwIik-Bvky84Uc5kFoG7QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 06:08:59 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): ... show more (mod_security) mod_security (id:225170) triggered by 120.29.69.0 (0.69.29.120-rev.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 02:08:54.299369 2026] [security2:error] [pid 14931:tid 14931] [client 120.29.69.0:39572] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hodlmoser.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hodlmoser.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agv-djJ1EQv476u1-glWjgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-05-14 06:03:11 (1 month ago)	[ThuMay1408:03:03.9842192026][security2:error][pid2770545:tid2770659][client120.29.69.0:0]ModSecurit ... show more [ThuMay1408:03:03.9842192026][security2:error][pid2770545:tid2770659][client120.29.69.0:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"avvnicolaurbani.ch\"][uri\"/xmlrpc.php\"][unique_id\"agVllx0AWGxdYfiEdcZ1pAAAAAc\"] show less	Hacking Web App Attack
Anonymous	2026-05-14 04:09:03 (1 month ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇩🇪 Hazzard	2026-05-12 08:03:27 (1 month ago)	(wordpress) Failed wordpress login from 120.29.69.0 (PH/Philippines/Province of Pampanga/Clark/0.69. ... show more (wordpress) Failed wordpress login from 120.29.69.0 (PH/Philippines/Province of Pampanga/Clark/0.69.29.120-rev.convergeict.com/[redacted]): (CF_ENABLE) show less	Brute-Force
Anonymous	2026-05-07 05:53:55 (1 month ago)	120.29.69.0 - - [07/May/2026:07:49:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X ... show more 120.29.69.0 - - [07/May/2026:07:49:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.0.0 Safari/537.36" 120.29.69.0 - - [07/May/2026:07:48:59 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.0.0 Safari/537.36" 120.29.69.0 - - [07/May/2026:07:53:26 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.0.0 Safari/537.36" 120.29.69.0 - - [07/May/2026:07:53:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.0.0 Safari/537.36" 120.29.69.0 - - [07/May/2026:07:53:53 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/100.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.130

🇪🇸 92.177.171.81

🇨🇳 117.70.48.191

🇨🇳 106.13.114.161

🇺🇸 104.236.68.24

🇺🇸 103.143.231.24

🇺🇸 99.60.18.106

🇩🇪 69.5.169.38

🇮🇳 59.180.155.112

🇳🇵 2400:1a00:2b68:d23:d4cd:ac50:e9ff:a4cc

🇲🇽 187.190.35.163

🇵🇪 161.132.54.218

🇫🇷 109.23.214.13

🇺🇸 107.170.247.81

🇮🇩 103.152.235.19

🇮🇩 101.128.96.35

🇺🇸 65.49.1.11

🇹🇭 49.49.223.235

🇷🇺 46.50.240.92

🇮🇩 43.157.210.132