๐บ๐ธ
TPI-Abuse
2026-06-29 04:37:27
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:37:14.260552 2026] [security2:error] [pid 4805:tid 4805] [client 39.154.12.82:30432] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.kamermanhome.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.kamermanhome.com"] [uri "/home.php"] [unique_id "akH2eoxVIp4mD0YwpG721wAAABc"], referer: http://www.kamermanhome.com/home.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 21:04:04
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 17:03:51.875313 2026] [security2:error] [pid 10790:tid 10790] [client 39.154.12.82:2005] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.enriquelaw.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.enriquelaw.com"] [uri "/"] [unique_id "ah3zt_lLYoGAJUlxt5soDwAAACQ"], referer: http://www.enriquelaw.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-30 22:07:20
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 18:07:06.809686 2026] [security2:error] [pid 18439:tid 18439] [client 39.154.12.82:8861] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.dhsgrad.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.dhsgrad.net"] [uri "/"] [unique_id "ahtfinQyZJ1JmcTofBYwEQAAAAk"], referer: http://www.dhsgrad.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-22 22:04:50
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 18:04:42.174057 2026] [security2:error] [pid 27015:tid 27015] [client 39.154.12.82:14565] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||elderlyassociation.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "elderlyassociation.org"] [uri "/"] [unique_id "acBneo6Z-Vps6s8jjpSd3wAAAA8"], referer: http://elderlyassociation.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-22 21:18:49
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 17:18:40.422513 2026] [security2:error] [pid 14228:tid 14228] [client 39.154.12.82:14544] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.k4uu.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.k4uu.com"] [uri "/"] [unique_id "acBcsHa6NvHZVWqo1QdzgQAAAAY"], referer: http://www.k4uu.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-17 22:58:45
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.12.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 17:58:37.594287 2026] [security2:error] [pid 29065:tid 29065] [client 39.154.12.82:11838] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||lmffl.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "lmffl.com"] [uri "/"] [unique_id "aZTyneJvFYnBenARqP4UoQAAABM"], referer: http://lmffl.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-06-03 01:40:51
(1 year ago)
ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/39.154.12.82
2025-06- ...
show more
ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/39.154.12.82
2025-06-02 15:47:41 /config.json
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-04-02 02:14:18
(1 year ago)
ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/39.154.12.82
2025-04- ...
show more
ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/39.154.12.82
2025-04-01 02:35:46 /robots.txt
show less
Web App Attack
๐ฎ๐ฉ
hermawan
2025-01-02 19:00:56
(1 year ago)
[Fri Jan 03 00:15:04.551007 2025] [security2:error] [pid 19786:tid 130444039804608] [client 39.154.1 ...
show more
[Fri Jan 03 00:15:04.551007 2025] [security2:error] [pid 19786:tid 130444039804608] [client 39.154.12.82:1408] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "image/heif" at REQUEST_HEADERS:Accept. [file "/etc/modsecurity/coreruleset-4.9.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "73"] [id "441001"] [msg " bot downloader image HEIF Format Only Safari support "] [data "Matched Data: image/heif found within REQUEST_HEADERS:Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/heif,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 request_line = GET /index.php/prakiraan-bulanan/559-prakiraan-potensi-banjir/prakiraan-potensi-banjir-di-propinsi-jawa-timur/prakiraan-potensi-banjir-di-propinsi-jawa-timur-tahun-2017/1245-prakiraan-daerah-potensi-banjir-di-propinsi-jawa-timur-bulan-januari-tahun-2017-update-14-november-2016 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan
...
show less
Hacking
Web App Attack