๐บ๐ธ
TPI-Abuse
2026-01-15 07:54:38
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 02:54:30.440407 2026] [security2:error] [pid 32440:tid 32440] [client 213.202.222.105:43891] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||curts.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "curts.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aWidNl4ko3Ua7aYnJDgYewAAAAc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-06 20:29:00
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 06 15:28:56.561561 2026] [security2:error] [pid 4469:tid 4469] [client 213.202.222.105:51403] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fales-lorenz.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fales-lorenz.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aV1wiCzD6xO1XG9f0MhwpAAAAAs"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
jcbriar
2026-01-04 20:35:57
(5 months ago)
CSRF or other malfeasance
Hacking
Web App Attack
๐ณ๐ฑ
maxxsense
2025-12-13 16:47:19
(6 months ago)
213.202.222.105 (DE/Germany/srv30403.dus7.dedi.server-hosting.expert), 12 distributed imapd attacks ...
show more
213.202.222.105 (DE/Germany/srv30403.dus7.dedi.server-hosting.expert), 12 distributed imapd attacks on account [redacted]
show less
Brute-Force
๐ฉ๐ช
Bedios GmbH
2025-11-29 07:42:25
(7 months ago)
Wordpress hacking attempt
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-28 22:26:58
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 17:26:54.373735 2025] [security2:error] [pid 26666:tid 26666] [client 213.202.222.105:57455] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||yuichiro.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "yuichiro.us"] [uri "/wp-json/wp/v2/users"] [unique_id "aSohrlIkoT_oXVD-ie_7BAAAABI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-28 21:47:33
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 16:47:27.108228 2025] [security2:error] [pid 35385:tid 35385] [client 213.202.222.105:38867] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||saratogaequity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "saratogaequity.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSoYbw6D9h6CphucCh5AugAAABE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 19:37:16
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 14:37:08.909412 2025] [security2:error] [pid 9650:tid 9650] [client 213.202.222.105:53249] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||freddyspizza.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "freddyspizza.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSdW5BqgaaSkNs4hpHRFlgAAABs"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2025-11-26 11:37:05
(7 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-12 09:16:48
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 04:16:42.675196 2025] [security2:error] [pid 32648:tid 32648] [client 213.202.222.105:35182] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||radiointernational.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "radiointernational.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aRRQem_8dDaYmMCRNOmKegAAAAU"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-09 07:38:09
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 02:38:02.584816 2025] [security2:error] [pid 17545:tid 17545] [client 213.202.222.105:39981] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||myemail.navy|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "myemail.navy"] [uri "/wp-json/wp/v2/users"] [unique_id "aRBE2qRcvhOmQ3s0OXuQwwAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-07 21:04:47
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 16:04:42.557678 2025] [security2:error] [pid 9798:tid 9837] [client 213.202.222.105:57353] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||philacentric.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "philacentric.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ5e6qFi9S72R65BUSafDQAAAME"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2025-11-04 01:10:12
(8 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-11-04 00:15:47
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-host ...
show more
(mod_security) mod_security (id:225170) triggered by 213.202.222.105 (srv30403.dus7.dedi.server-hosting.expert): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 19:15:40.805847 2025] [security2:error] [pid 1001:tid 1001] [client 213.202.222.105:36055] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kriske.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kriske.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQlFrNljCEBkj3ZD6vSTdwAAAAo"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
kjaerulff
2025-11-03 22:20:54
(8 months ago)
Failed Wordpress login using wp-login.php (srv30403.dus7.dedi.server-hosting.expert)
Web App Attack