๐บ๐ธ
TPI-Abuse
2026-07-06 00:28:46
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 20:28:42.992348 2026] [security2:error] [pid 32718:tid 32718] [client 103.156.242.197:39184] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greatplainswingcaf.org"] [uri "/.env"] [unique_id "akr2uurfIhpPkL5dYr4WdwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 20:59:12
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:59:06.667368 2026] [security2:error] [pid 10537:tid 10537] [client 103.156.242.197:43958] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.goldcountrygermanamericanclub.org"] [uri "/.env.production"] [unique_id "akrFmgQzTJ9oQlI8w7HdFQAAABE"], referer: https://goldcountrygermanamericanclub.org/.env.production
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 18:31:36
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 14:31:32.825432 2026] [security2:error] [pid 1448:tid 1448] [client 103.156.242.197:19276] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glendaleheritage.org"] [uri "/.env.production"] [unique_id "akqjBC5R0Pgq8_TXo-7WOgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-05 05:11:02
(5 days ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 12:14:02
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:13:54.083424 2026] [security2:error] [pid 12169:tid 12169] [client 103.156.242.197:4538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "difusionens.org"] [uri "/.env.development"] [unique_id "akengv-MU0RiEF4D5D2VIwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 22:28:15
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:28:08.948385 2026] [security2:error] [pid 5271:tid 5271] [client 103.156.242.197:30338] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "compassionfatigue.org"] [uri "/.env.example"] [unique_id "akbl-FesqhPZQlHjiZX5HQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 21:48:05
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 17:48:00.145604 2026] [security2:error] [pid 28425:tid 28429] [client 103.156.242.197:27002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ahsdistance.org"] [uri "/.env.local"] [unique_id "akLoEG5GewlkeeZgOx2BuwAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
HandyTreff.de
2026-01-12 19:04:37
(5 months ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -32.527 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -32.527 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Sa
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-20 06:13:52
(9 months ago)
(mod_security) mod_security (id:210350) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 103.156.242.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 20 02:13:44.791004 2025] [security2:error] [pid 30230:tid 30230] [client 103.156.242.197:7272] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.renju.net|F|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/2637/game/126895/"] [unique_id "aM5GGHTtvT6CEh3g1C4LVAAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Cyber Crusader
2025-08-04 05:09:22
(11 months ago)
Hundreds of Attempts (at least) to Connect to and Access Firewall Ports
Port Scan
Hacking
Brute-Force
๐ฉ๐ช
Packets-Decreaser.NET
2025-06-12 14:27:43
(1 year ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐ฉ๐ช
botreporter
2025-05-16 06:21:43
(1 year ago)
botnet ignoring robots.txt 2
Bad Web Bot
๐ท๐บ
cybertailor
2025-05-11 17:36:42
(1 year ago)
103.156.242.197 - - [11/May/2025:22:36:41 +0500] "GET /la_brea.php?15865082 HTTP/1.1" 307 5 "-" "Moz ...
show more
103.156.242.197 - - [11/May/2025:22:36:41 +0500] "GET /la_brea.php?15865082 HTTP/1.1" 307 5 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.127 Safari/533.4"
...
show less
Bad Web Bot
Anonymous
2023-12-09 13:56:24
(2 years ago)
Dec 9 14:56:22 syscgn kernel: [703833.741473] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:10:0e: ...
show more
Dec 9 14:56:22 syscgn kernel: [703833.741473] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:10:0e:7e:26:f1:c0:08:00 SRC=103.156.242.197 DST=185.194.141.106 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=45055 DF PROTO=TCP SPT=51812 DPT=1433 WINDOW=42340 RES=0x00 SYN URGP=0
...
show less
Hacking
Anonymous
2023-12-09 13:26:22
(2 years ago)
Dec 9 14:26:21 syscgn kernel: [702032.575106] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:10:0e: ...
show more
Dec 9 14:26:21 syscgn kernel: [702032.575106] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:10:0e:7e:26:f1:c0:08:00 SRC=103.156.242.197 DST=185.194.141.106 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=59177 DF PROTO=TCP SPT=14176 DPT=1433 WINDOW=42340 RES=0x00 SYN URGP=0
...
show less
Hacking