๐บ๐ธ
TPI-Abuse
2026-06-30 20:47:13
(17 hours ago)
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 16:47:08.550469 2026] [security2:error] [pid 21700:tid 21700] [client 120.240.178.164:60979] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||jillbauman.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jillbauman.com"] [uri "/"] [unique_id "akQrTML145VM9LcG-TLOGwAAAA4"], referer: https://jillbauman.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 22:41:54
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:41:46.478334 2026] [security2:error] [pid 29085:tid 29085] [client 120.240.178.164:18474] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||faithlines.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "faithlines.com"] [uri "/"] [unique_id "ajsLqrOOWMdnNE-qD7JjNQAAAAw"], referer: http://faithlines.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 22:41:18
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:41:13.232484 2026] [security2:error] [pid 3907:tid 3907] [client 120.240.178.164:28457] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||theradarshop.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "theradarshop.com"] [uri "/"] [unique_id "ajcXCcz7VyVSxl5hvKyZqgAAAA4"], referer: https://theradarshop.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 21:39:13
(3 weeks ago)
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 17:39:08.817962 2026] [security2:error] [pid 6784:tid 6784] [client 120.240.178.164:34147] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tallersprats.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tallersprats.com"] [uri "/"] [unique_id "aiSTfKzP5rtUCUlBR9W7lgAAAAw"], referer: http://tallersprats.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
botreporter
2026-05-30 00:35:53
(1 month ago)
botnet ignoring robots.txt
Bad Web Bot
Anonymous
2026-05-29 09:29:12
(1 month ago)
FortiWeb WAF: 12 attacks detected. Threat Score: 5000. Types: Client Management(6), GEO IP(6). Origi ...
show more
FortiWeb WAF: 12 attacks detected. Threat Score: 5000. Types: Client Management(6), GEO IP(6). Origin: China.
show less
Web App Attack
๐ซ๐ท
bigorre.org
2026-05-26 16:37:02
(1 month ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐ฎ๐น
Progetto1
2026-05-26 03:25:02
(1 month ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 19:28:46
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 15:28:38.073867 2026] [security2:error] [pid 3860:tid 3875] [client 120.240.178.164:37982] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||ecothermtech.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ecothermtech.com"] [uri "/index.php"] [unique_id "ahSi5ve3LH8pAMXlBuA3QAAAAM0"], referer: http://ecothermtech.com/index.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-05-24 23:23:24
(1 month ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-geofence-sus.
Bad Web Bot
Web App Attack
๐ซ๐ท
bigorre.org
2026-05-24 03:29:13
(1 month ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-21 21:42:22
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 17:42:16.679153 2026] [security2:error] [pid 23358:tid 23358] [client 120.240.178.164:28894] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||raystransmission.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "raystransmission.com"] [uri "/"] [unique_id "ag98OOFhHrQ4Hm3im-EhLwAAABc"], referer: http://raystransmission.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 19:48:13
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.240.178.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 15:48:08.496383 2026] [security2:error] [pid 18094:tid 18094] [client 120.240.178.164:43844] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||sandpointidaho.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "sandpointidaho.com"] [uri "/"] [unique_id "ag9heP_AyJ534ft8tWBfWgAAABI"], referer: http://sandpointidaho.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
botreporter
2026-05-21 18:15:57
(1 month ago)
botnet ignoring robots.txt
Bad Web Bot
๐ญ๐ณ
unph
2026-05-21 15:11:20
(1 month ago)
Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin
Brute-Force