๐บ๐ธ
TPI-Abuse
2026-06-14 08:06:52
(6 hours ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 04:06:45.165163 2026] [security2:error] [pid 12780:tid 12780] [client 180.153.236.62:21109] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.skyground.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.skyground.net"] [uri "/"] [unique_id "ai5hFYmQdaumZOtMaAqWQwAAAAc"], referer: https://www.skyground.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 04:31:57
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:31:50.497177 2026] [security2:error] [pid 3875:tid 3932] [client 180.153.236.62:51797] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.quantumgaze.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.quantumgaze.com"] [uri "/"] [unique_id "aizdNpTWprZ2F5rA63iTSAAAAVY"], referer: https://www.quantumgaze.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
Progetto1
2026-06-12 08:30:03
(2 days ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 21:35:17
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 17:35:08.964884 2026] [security2:error] [pid 26537:tid 26537] [client 180.153.236.62:32517] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.dualspiralsystems.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.dualspiralsystems.com"] [uri "/"] [unique_id "aisqDEQ_Xm2D4Be-NrZckAAAABU"], referer: http://www.dualspiralsystems.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 07:43:22
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:43:10.409089 2026] [security2:error] [pid 17840:tid 17840] [client 180.153.236.62:31221] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||forefrontmusic.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "forefrontmusic.com"] [uri "/"] [unique_id "aipnDiC_xz8a-YIgDZEkJgAAAAE"], referer: http://forefrontmusic.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 06:39:57
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 02:39:51.114668 2026] [security2:error] [pid 18710:tid 18710] [client 180.153.236.62:24527] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.uppermotradingco.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.uppermotradingco.com"] [uri "/"] [unique_id "aipYN09-xk7NezGJUc7F8wAAABQ"], referer: http://www.uppermotradingco.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 05:47:40
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:47:34.553304 2026] [security2:error] [pid 25759:tid 25759] [client 180.153.236.62:56379] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||eileensharaga.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "eileensharaga.com"] [uri "/"] [unique_id "aipL9q167cDrafjG2WfEaAAAAAw"], referer: https://eileensharaga.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 07:52:04
(6 days ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:51:57.299989 2026] [security2:error] [pid 12767:tid 12767] [client 180.153.236.62:22703] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.cameronsol.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cameronsol.com"] [uri "/index.php"] [unique_id "aiZ0nTIcyGtLzIvVPcqv8wAAAAM"], referer: https://www.cameronsol.com/index.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 06:01:52
(6 days ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:01:48.306036 2026] [security2:error] [pid 12359:tid 12359] [client 180.153.236.62:45619] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ramabahama.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ramabahama.net"] [uri "/"] [unique_id "aiZazFRciU6t8kIL2JJC7wAAAAA"], referer: https://www.ramabahama.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 09:48:56
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 05:48:50.146275 2026] [security2:error] [pid 6193:tid 6193] [client 180.153.236.62:47783] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||grassnplus.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "grassnplus.com"] [uri "/"] [unique_id "aiPtAnF6fVl11X_f4kGiPwAAAAY"], referer: https://grassnplus.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 10:31:33
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 06:31:26.370117 2026] [security2:error] [pid 31240:tid 31252] [client 180.153.236.62:9035] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||vcschief.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "vcschief.org"] [uri "/index.php"] [unique_id "aiFT_gnNpYZR5P2zlP4X3wAAAEo"], referer: https://vcschief.org/index.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 07:01:00
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:00:54.153198 2026] [security2:error] [pid 10993:tid 10993] [client 180.153.236.62:6127] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||kriskringleskorner.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "kriskringleskorner.org"] [uri "/"] [unique_id "aiEips37YhNZrjUc_uEZlAAAABQ"], referer: http://kriskringleskorner.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 06:24:53
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 02:24:47.707606 2026] [security2:error] [pid 17783:tid 17783] [client 180.153.236.62:38385] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.infraredcoatings.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.infraredcoatings.com"] [uri "/"] [unique_id "aiEaLwcfRg7BK5J1wVuDfAAAACc"], referer: https://www.infraredcoatings.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 06:06:35
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 02:06:30.023913 2026] [security2:error] [pid 25391:tid 25391] [client 180.153.236.62:41529] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||jdmicons.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jdmicons.com"] [uri "/"] [unique_id "aiEV5kw7FQK9qY7PALwTgwAAAAY"], referer: http://jdmicons.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 05:44:35
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:44:27.969180 2026] [security2:error] [pid 26032:tid 26032] [client 180.153.236.62:38357] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.cybersoftware.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cybersoftware.org"] [uri "/"] [unique_id "aiEQu4bwIpiDsv9_CEqLpwAAAAQ"], referer: http://www.cybersoftware.org/
show less
Brute-Force
Bad Web Bot
Web App Attack