๐บ๐ธ
oncord
2025-09-29 03:05:08
(9 months ago)
Form spam
Web Spam
Anonymous
2025-09-27 13:32:28
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ฆ๐บ
oncord
2025-09-11 15:24:47
(9 months ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2025-09-10 12:35:37
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 10 08:35:31.194160 2025] [security2:error] [pid 27890:tid 27890] [client 156.253.165.203:15753] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.jeffautry.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jeffautry.com"] [uri "/s3cmd.ini"] [unique_id "aMFwk0nZsWgPQj2oHgVW3wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
oncord
2025-09-09 19:12:30
(9 months ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2025-09-06 15:08:59
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 11:08:56.064282 2025] [security2:error] [pid 12118:tid 12118] [client 156.253.165.203:59587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.costaricaencasa.galvez.cc"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aLxOiK-zxcwjD9rL0o-K9QAAADE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-09-01 03:57:06
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-08-31 18:15:35
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 14:15:28.910031 2025] [security2:error] [pid 21154:tid 21154] [client 156.253.165.203:39915] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.buanamegah.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.buanamegah.com"] [uri "/s3cmd.ini"] [unique_id "aLSRQJ7bfRE26smmf5MwgQAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-31 17:58:40
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 13:58:36.605541 2025] [security2:error] [pid 26358:tid 26358] [client 156.253.165.203:38751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alternatievemedia.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aLSNTEowcOTEyESb5tSV4QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
pixelXp
2025-08-06 17:22:23
(10 months ago)
49.29 ronny.dyett at gmail_c0m fadaco.nl/contact
Web Spam
๐ฆ๐บ
oncord
2025-08-03 04:16:24
(10 months ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2025-07-31 15:07:20
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 31 11:07:17.428822 2025] [security2:error] [pid 3671:tid 3671] [client 156.253.165.203:54325] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||armrms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "armrms.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIuGpdoCd1FQvF2uEUewiQAAACY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-07-31 12:36:36
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ฉ๐ช
Packets-Decreaser.NET
2025-07-13 20:12:18
(11 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐ฉ๐ช
stinpriza
2025-05-03 02:08:50
(1 year ago)
(XMLRPC) xmlrpc banned 156.253.165.203 (GB/United Kingdom/-): 1 in the last 3600 secs
Web App Attack