πΊπΈ
TPI-Abuse
2026-06-29 11:31:34
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:31:28.287172 2026] [security2:error] [pid 6070:tid 6070] [client 20.75.217.74:9115] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.savingspools.savingshvac.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.savingspools.savingshvac.com"] [uri "/wp-json/wp/v2/users/10"] [unique_id "akJXkMHm1tvWjy1pzQgRfAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 11:16:01
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:15:54.957012 2026] [security2:error] [pid 8522:tid 8522] [client 20.75.217.74:9059] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rogerheath.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rogerheath.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJT6nutRussZOB2XEqW-gAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
big-cloud.nl
2026-06-29 10:47:33
(2 hours ago)
Try to access /wp/xmlrpc.php
Web App Attack
Anonymous
2026-06-29 10:45:17
(2 hours ago)
2026-06-29T12:45:16.913578+02:00 aion wordpress[2732097]: Blocked user enumeration attempt from 20.7 ...
show more
2026-06-29T12:45:16.913578+02:00 aion wordpress[2732097]: Blocked user enumeration attempt from 20.75.217.74
...
show less
Hacking
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-29 10:44:14
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:44:08.840547 2026] [security2:error] [pid 14234:tid 14234] [client 20.75.217.74:8852] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||intrinsicdiscovery.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intrinsicdiscovery.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJMeBc3NR1RqrqGF4dCbwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 10:24:05
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:24:00.016859 2026] [security2:error] [pid 22901:tid 22901] [client 20.75.217.74:8609] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pinetreedistrict.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pinetreedistrict.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akJHwNAFwJNCLYIqPlMxlwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
cmbplf
2026-06-29 10:01:04
(3 hours ago)
3.750 requests to many distinct domains in 1 hour (3w5d13h)
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-29 09:23:02
(4 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:22:57.482933 2026] [security2:error] [pid 4804:tid 4804] [client 20.75.217.74:9617] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nypatriotcards.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nypatriotcards.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akI5cZW5L8lGAAyKWGVdbAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 09:07:11
(4 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:07:07.491532 2026] [security2:error] [pid 9633:tid 9633] [client 20.75.217.74:9287] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.vansfanz.rollinchassis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vansfanz.rollinchassis.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akI1u95oPPwc3Q4SGxWHsAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 08:49:42
(4 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:49:37.049284 2026] [security2:error] [pid 10002:tid 10002] [client 20.75.217.74:9039] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||modestosoftwater.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "modestosoftwater.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIxoZy_IhU-ZFrq9fvr_gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
xxkodedxx
2026-06-29 08:33:52
(5 hours ago)
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1Γ honeypot-get in 10m window.
...
show more
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1Γ honeypot-get in 10m window.
Active: 08:33:38 UTC
Volume: 1 honeypot probe(s)
Bait taken: /wp-json/wp/v2/users?offset=0&per_page=100&_fields=id,slug
Vhost fishing: cards.zvxlabs.com
UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
π©πͺ
stinpriza
2026-06-29 07:18:05
(6 hours ago)
Web App Attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 07:02:40
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:02:34.591351 2026] [security2:error] [pid 3330:tid 3330] [client 20.75.217.74:4962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||northfortworthalliance.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "northfortworthalliance.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIYikZvMm9OquIxMBipsgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 02:49:32
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:49:28.835089 2026] [security2:error] [pid 2112:tid 2112] [client 20.75.217.74:5650] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||doreenkimura.com.misscharlottemusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doreenkimura.com.misscharlottemusic.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akHdOCJKWLO9u_uzzpNibAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 00:11:18
(13 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:11:13.193013 2026] [security2:error] [pid 10306:tid 10306] [client 20.75.217.74:5639] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||globalweb123.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "globalweb123.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akG4IfSReesOJYqjVf982gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack