πΊπΈ
TPI-Abuse
2026-07-03 04:35:40
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:35:32.080364 2026] [security2:error] [pid 27052:tid 27052] [client 82.165.85.239:37552] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||radicalchange.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "radicalchange.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akc8FFvJ5GxMATQqDPO8SwAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-07-02 08:34:43
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
π²πΉ
Malta
2026-07-01 18:19:00
(1 day ago)
82.165.85.239 - - [01/Jul/2026:20:19:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ...
show more
82.165.85.239 - - [01/Jul/2026:20:19:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-28 21:45:27
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:45:23.926479 2026] [security2:error] [pid 28151:tid 28151] [client 82.165.85.239:34832] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bearssd.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bearssd.org"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akGV82kVfvZQQDz5TSl6ogAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 18:31:22
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 14:31:19.006215 2026] [security2:error] [pid 4037:tid 4037] [client 82.165.85.239:57416] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||realclean.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "realclean.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akFod4kfMJlaRyf92Xy6KAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-28 17:46:25
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 12:04:07
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:04:01.107704 2026] [security2:error] [pid 14680:tid 14680] [client 82.165.85.239:37430] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||concentricsteel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "concentricsteel.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akENsWpxWzzWeJ2qOic9IQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 11:32:19
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:32:12.764749 2026] [security2:error] [pid 2290:tid 2290] [client 82.165.85.239:45548] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||freemanfoundationcle.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "freemanfoundationcle.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akEGPENLIQ9yYWCeL7BWmgAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΉ
Malta
2026-06-27 01:12:42
(6 days ago)
82.165.85.239 - - [27/Jun/2026:03:12:41 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ...
show more
82.165.85.239 - - [27/Jun/2026:03:12:41 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
π©πͺ
FeG Deutschland
2026-06-24 10:21:03
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-23 21:50:18
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 17:50:13.693937 2026] [security2:error] [pid 14607:tid 14630] [client 82.165.85.239:54814] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||piazza9.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "piazza9.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajr_lZ_C30oxgSpG4W3ubwAAAJU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-23 18:40:32
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 14:40:25.817002 2026] [security2:error] [pid 14954:tid 15010] [client 82.165.85.239:36228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lpsouthdakota.com.omegaoak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lpsouthdakota.com.omegaoak.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajrTGU-gYykgr_lCYu_TZgAAAJA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-23 16:36:41
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 12:36:34.550464 2026] [security2:error] [pid 19774:tid 19774] [client 82.165.85.239:39984] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fractalsky.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fractalsky.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajq2EhJJVale1nFD6e03cAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-23 15:48:57
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-23 04:48:19
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.85.239 (infongp-fr37.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 00:48:13.283673 2026] [security2:error] [pid 20310:tid 20310] [client 82.165.85.239:54476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||artspacecleveland.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "artspacecleveland.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajoQDaZyKvqDbIvxtEnB9QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack