๐ฉ๐ช
HandyTreff.de
2026-06-29 22:57:15
(2 weeks ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.901 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.901 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Sa
show less
Web App Attack
Bad Web Bot
๐ช๐ธ
librebit
2026-06-25 02:59:37
(3 weeks ago)
Brute force
Brute-Force
๐ช๐ธ
librebit
2026-06-19 13:42:03
(3 weeks ago)
Brute force
Brute-Force
๐ซ๐ท
masterguru
2026-06-18 00:54:45
(4 weeks ago)
(modsec_2000110) ModSec 2000110: Malicious username admlnlx from 155.212.39.215 (DE/Germany/-): 1 in ...
show more
(modsec_2000110) ModSec 2000110: Malicious username admlnlx from 155.212.39.215 (DE/Germany/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-03 09:46:41
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 05:46:34.074105 2026] [security2:error] [pid 29367:tid 29367] [client 155.212.39.215:61349] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||seese.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "seese.us"] [uri "/wp-json/wp/v2/users"] [unique_id "afcZepMjlHhUFxIiU-EstwAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Tilellit.PRO
2026-05-02 18:48:11
(2 months ago)
Fail2Ban banned 155.212.39.215 for security violations in jail wp-armour. Log: 2026/05/02 18:48:11 [ ...
show more
Fail2Ban banned 155.212.39.215 for security violations in jail wp-armour. Log: 2026/05/02 18:48:11 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 155.212.39.215 | Target: wplogin" , client: 155.212.39.215, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐บ๐ธ
TPI-Abuse
2026-05-01 06:29:09
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 02:29:05.279654 2026] [security2:error] [pid 24814:tid 24814] [client 155.212.39.215:39685] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||stockeai.com.38floorsupply.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stockeai.com.38floorsupply.com"] [uri "/s3cmd.ini"] [unique_id "afRIMclS_QidMWV4HEG5fwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-28 23:12:27
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 19:12:21.843831 2026] [security2:error] [pid 7185:tid 7185] [client 155.212.39.215:37419] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.fritsknuf.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fritsknuf.com"] [uri "/s3cmd.ini"] [unique_id "afE-1U5bvHfo4YqhRJKtMQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-27 04:09:52
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 155.212.39.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 00:09:49.122223 2026] [security2:error] [pid 32424:tid 32424] [client 155.212.39.215:31749] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thestardance.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thestardance.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae7hjZxUgsJ1FRQxVXEU2QAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2026-01-28 05:49:02
(5 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
๐ซ๐ท
masterguru
2026-01-18 14:31:10
(5 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (NL/The Netherlands/-): 1 in th ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (NL/The Netherlands/-): 1 in the last 3600 secs (0-193)
show less
Hacking
๐ซ๐ท
masterguru
2026-01-18 04:58:04
(5 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (NL/The Netherlands/-): 1 in th ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (NL/The Netherlands/-): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ซ๐ท
masterguru
2026-01-13 18:26:25
(6 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (FI/Finland/-): 1 in the last 3 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (FI/Finland/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
masterguru
2025-12-10 12:46:11
(7 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (FI/Finland/-): 1 in the last 3 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 155.212.39.215 (FI/Finland/-): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ช๐ธ
10dencehispahard SL
2025-11-13 07:20:27
(8 months ago)
WP probing for vulnerabilities
Hacking
Exploited Host