๐บ๐ธ
TPI-Abuse
2026-07-14 21:13:37
(21 hours ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 17:13:33.712211 2026] [security2:error] [pid 10025:tid 10025] [client 125.40.95.252:31781] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||36hoursonly.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "36hoursonly.com"] [uri "/"] [unique_id "alamfTNWH37_FkBcsiMljQAAAAg"], referer: http://36hoursonly.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 01:07:09
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:07:01.488562 2026] [security2:error] [pid 12855:tid 12855] [client 125.40.95.252:13503] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||warpedweed.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "warpedweed.com"] [uri "/"] [unique_id "alQ6Nb2I4LK_a49TA5qlNwAAAAg"], referer: https://warpedweed.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 03:50:03
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 23:49:54.315264 2026] [security2:error] [pid 26946:tid 26946] [client 125.40.95.252:46949] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ronaldagrant.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ronaldagrant.com"] [uri "/"] [unique_id "alMO4nyILKtkDa7XnDCDewAAABA"], referer: http://www.ronaldagrant.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 03:05:34
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 23:05:25.938859 2026] [security2:error] [pid 13700:tid 13700] [client 125.40.95.252:19276] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||artspacecleveland.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "artspacecleveland.org"] [uri "/"] [unique_id "akh4dR2yq4-MNmgRCHoGZwAAABU"], referer: http://artspacecleveland.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:06:35
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:06:28.116073 2026] [security2:error] [pid 7600:tid 7600] [client 125.40.95.252:47212] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tcmu.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tcmu.org"] [uri "/index.html"] [unique_id "akgWRNp64xI5pRKMEYbTlwAAAA0"], referer: http://tcmu.org/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 22:59:25
(3 weeks ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:59:20.874110 2026] [security2:error] [pid 13520:tid 13544] [client 125.40.95.252:4662] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.coherencerx.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.coherencerx.com"] [uri "/"] [unique_id "ajsPyLvrwleTW2CmrrJKagAAARc"], referer: http://www.coherencerx.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 00:59:20
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:59:15.695812 2026] [security2:error] [pid 7150:tid 7150] [client 125.40.95.252:47556] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||beckersystems.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "beckersystems.com"] [uri "/"] [unique_id "ai9OYxlh3d5BI5WFyha7lwAAAA0"], referer: http://beckersystems.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 18:58:03
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 14:57:58.518031 2026] [security2:error] [pid 1787:tid 1796] [client 125.40.95.252:53775] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.eldebslaw.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.eldebslaw.com"] [uri "/"] [unique_id "aiMcNouCdTs1fgOc64brnQAAAAM"], referer: http://www.eldebslaw.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 21:26:58
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 17:26:53.959436 2026] [security2:error] [pid 23967:tid 23967] [client 125.40.95.252:7203] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||colorwize.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "colorwize.com"] [uri "/"] [unique_id "ab8NHSk_1htBeqPRD3GZpwAAAAs"], referer: http://colorwize.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-02 03:00:41
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 22:00:35.498614 2026] [security2:error] [pid 454:tid 454] [client 125.40.95.252:31234] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.abcollie.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.abcollie.com"] [uri "/"] [unique_id "aaT9U9-R0Ks74-uomgXFDgAAABE"], referer: https://www.abcollie.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-14 23:21:47
(5 months ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:21:40.788299 2026] [security2:error] [pid 25468:tid 25468] [client 125.40.95.252:48999] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.sahinozalit.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sahinozalit.com"] [uri "/"] [unique_id "aZEDhGohV3u-n0pQbrLn7gAAAA4"], referer: https://www.sahinozalit.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-29 19:00:58
(5 months ago)
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 125.40.95.252 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 14:00:52.616805 2026] [security2:error] [pid 30252:tid 30252] [client 125.40.95.252:33039] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.fhlove.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.fhlove.org"] [uri "/"] [unique_id "aXuuZOxEEPvDlzM2xaMUaAAAAAI"], referer: http://www.fhlove.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-07-19 22:25:28
(11 months ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/125.40.95.252
2025-07- ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/125.40.95.252
2025-07-19 03:30:25 /robots.txt
show less
Web App Attack