Anonymous
2026-07-06 16:33:43
(23 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ฆ๐น
neo72
2026-07-02 04:30:29
(5 days ago)
Detected malicious activity - bulk block
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-07-02 02:31:20
(5 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐จ๐ฆ
Dunham Support
2026-07-02 02:16:36
(5 days ago)
(wordpress) Failed wordpress login from 20.40.212.240 (US/United States/-)
Brute-Force
Anonymous
2026-07-02 02:03:09
(5 days ago)
20.40.212.240 - - [02/Jul/2026:02:03:08 +0000] "GET /wp-json/wp/v2/users/ HTTP/1.1" 404 19665 "-" "M ...
show more
20.40.212.240 - - [02/Jul/2026:02:03:08 +0000] "GET /wp-json/wp/v2/users/ HTTP/1.1" 404 19665 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 01:56:48
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 20.40.212.240 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.40.212.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 21:56:44.676812 2026] [security2:error] [pid 21088:tid 21088] [client 20.40.212.240:25571] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||unified-dispatch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "unified-dispatch.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akXFXN6nu4-R0VbWykrX6gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-02 01:51:17
(5 days ago)
20.40.212.240 - - [02/Jul/2026:0
...
Brute-Force
๐ณ๐ฑ
Site.eu
2026-07-02 01:42:49
(5 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ฐ
ScamAware
2026-07-02 01:38:28
(5 days ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPr ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPress user enumeration). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Brute-Force
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-07-02 01:36:30
(5 days ago)
CMS/framework probe: 20.40.212.240 - - [02/Jul/2026:03:36:29 +0200] "GET /wp-json/wp/v2/users/ HTTP/ ...
show more
CMS/framework probe: 20.40.212.240 - - [02/Jul/2026:03:36:29 +0200] "GET /wp-json/wp/v2/users/ HTTP/1.1" 404 1499 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Vivaldi/6.7" asn=8075 org="Microsoft Corporation" country=US
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 01:28:23
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 20.40.212.240 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.40.212.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 21:28:18.492663 2026] [security2:error] [pid 12667:tid 12667] [client 20.40.212.240:25572] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||francisautodetailing.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "francisautodetailing.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akW-sr3Gwh8znCNlcaFvugAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Axel
2026-07-02 01:25:51
(5 days ago)
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulner ...
show more
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||usvi.network|F|2 Phase: 2 Severity: CRITICAL URI: /wp-json/wp/v2/users/ Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐ซ๐ท
masterguru
2026-07-02 01:05:16
(5 days ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 20.40.212.240 (US/United States/-): 1 in the l ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 20.40.212.240 (US/United States/-): 1 in the last 3600 secs (0-196)
show less
Hacking
Anonymous
2026-07-02 01:04:39
(5 days ago)
Bad Web Bot
Web App Attack
๐ซ๐ฎ
stinpriza
2026-07-02 00:55:16
(5 days ago)
Web App Attack
Web App Attack