๐ฆ๐บ
FireGuard Server
2026-07-18 06:55:08
(7 hours ago)
Blocked by os-abuseipdb; 4 hits, proto=tcp, ports=443
Port Scan
Hacking
๐บ๐ธ
RLDD
2026-07-14 07:08:02
(4 days ago)
WP probing -exo
Web App Attack
๐บ๐ธ
kosada.com
2026-07-11 02:03:46
(1 week ago)
Web vulnerability probing: /wp-json/hc/v1/themehunk-import
Web App Attack
๐ง๐ท
ICS Labs
2026-07-06 13:04:06
(1 week ago)
ICS Labs identified 43.165.5.252 as a malicious indicator from threat intelligence.
DDoS Attack
Port Scan
Hacking
Brute-Force
Exploited Host
๐ฉ๐ช
FeG Deutschland
2026-06-25 17:17:23
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 00:40:07
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 20:39:59.717682 2026] [security2:error] [pid 5177:tid 5177] [client 43.165.5.252:50543] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.goodacoustic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.goodacoustic.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajsnXyE6gNhSBPORckj4UgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 00:17:59
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 20:17:55.326902 2026] [security2:error] [pid 22070:tid 22070] [client 43.165.5.252:56716] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gcmmortgage.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gcmmortgage.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajsiM01N9H9FFtTMYE4tkgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 22:57:34
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:57:29.527217 2026] [security2:error] [pid 20335:tid 20335] [client 43.165.5.252:52519] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||genevainvestors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "genevainvestors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajsPWfi9I1GVQqKG9tEUcQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 22:33:54
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:33:50.388929 2026] [security2:error] [pid 5604:tid 5604] [client 43.165.5.252:57611] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.thereisaplaceonearth.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.thereisaplaceonearth.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajsJzr10fD3KQWE2rOPKdAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 21:44:49
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 17:44:42.320781 2026] [security2:error] [pid 17233:tid 17233] [client 43.165.5.252:50698] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||deborahbein.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "deborahbein.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajr-SqgZ3mjHjr9joPX7owAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 19:50:34
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 15:50:30.841437 2026] [security2:error] [pid 5694:tid 5694] [client 43.165.5.252:62509] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.americanureport.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.americanureport.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajrjhgo06uIgRa1k3qlz4QAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 19:24:50
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 15:24:46.471247 2026] [security2:error] [pid 7645:tid 7645] [client 43.165.5.252:49919] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||drjasonkolber.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drjasonkolber.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajrdfqNKv2vfX6l22CD1eQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 19:06:18
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 15:06:10.927517 2026] [security2:error] [pid 7448:tid 7448] [client 43.165.5.252:57287] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.alsdepot.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.alsdepot.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajrZIrY8hLrcieJKEWo3XgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 18:09:50
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 14:09:45.571897 2026] [security2:error] [pid 12000:tid 12036] [client 43.165.5.252:63795] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.rawhabitat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.rawhabitat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajrL6YQvd-93Zhbuu5abAwAAAYE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 16:43:08
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 43.165.5.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 12:43:01.396082 2026] [security2:error] [pid 30683:tid 30683] [client 43.165.5.252:56809] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||7bsuperfruit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "7bsuperfruit.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajq3lf1p_jwxE2uhYtMgpQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack