๐บ๐ธ
TPI-Abuse
2026-07-16 09:33:19
(1 hour ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 05:33:09.688332 2026] [security2:error] [pid 21691:tid 21691] [client 180.153.236.66:12465] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||royal-barbershop.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "royal-barbershop.com"] [uri "/"] [unique_id "alilVRx6LLTysRw6IoFQqwAAAAU"], referer: http://royal-barbershop.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 08:25:58
(2 hours ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 04:25:53.423991 2026] [security2:error] [pid 26086:tid 26086] [client 180.153.236.66:31379] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||bknj2.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "bknj2.org"] [uri "/"] [unique_id "aliVkXlBafin5DhRmgVIAQAAAA4"], referer: http://bknj2.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 07:21:12
(3 hours ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:21:04.470668 2026] [security2:error] [pid 24732:tid 24820] [client 180.153.236.66:15961] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ajbruner.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ajbruner.com"] [uri "/"] [unique_id "aliGYF_A43xn4sJWBmsC1wAAAkI"], referer: https://www.ajbruner.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
DocNetzwerk
2026-07-15 10:41:37
(1 day ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 180.153.236.66 (CN/C ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 180.153.236.66 (CN/China/-)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-15 03:00:27
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 23:00:21.334788 2026] [security2:error] [pid 20621:tid 20621] [client 180.153.236.66:6729] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.cyclingboardgames.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cyclingboardgames.net"] [uri "/"] [unique_id "alb3xdC-IkzVHr_xef8ZuwAAAAQ"], referer: https://www.cyclingboardgames.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 10:17:05
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 06:17:01.086606 2026] [security2:error] [pid 14865:tid 14976] [client 180.153.236.66:2517] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.myrtlebeachdiet.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.myrtlebeachdiet.com"] [uri "/"] [unique_id "alNpneOJU-Bi1aFDujKvBgAAAIY"], referer: https://www.myrtlebeachdiet.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 10:10:32
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:10:26.396994 2026] [security2:error] [pid 20326:tid 20326] [client 180.153.236.66:62857] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||hotpay.co|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "hotpay.co"] [uri "/"] [unique_id "ak9zkoLsNienvO6UITW4aQAAAAA"], referer: https://hotpay.co/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 09:00:13
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:00:06.080028 2026] [security2:error] [pid 4038:tid 4038] [client 180.153.236.66:26999] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||silverdump.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "silverdump.com"] [uri "/"] [unique_id "ak9jFpQOYdQcmuwtaDJgfgAAAAI"], referer: http://silverdump.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 07:56:36
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 03:56:32.088796 2026] [security2:error] [pid 23651:tid 23651] [client 180.153.236.66:38727] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.cameronwv.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cameronwv.com"] [uri "/"] [unique_id "ak9UMKXkV4opx_84i7IGVQAAABk"], referer: https://www.cameronwv.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:35:52
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:35:45.312186 2026] [security2:error] [pid 23958:tid 23958] [client 180.153.236.66:6843] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.jeranny.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.jeranny.com"] [uri "/"] [unique_id "ak390ZJOASNNMZDQwgCTBAAAAA8"], referer: https://www.jeranny.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 04:42:59
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:42:54.014908 2026] [security2:error] [pid 32390:tid 32390] [client 180.153.236.66:51301] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.limobusrichmond.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.limobusrichmond.com"] [uri "/"] [unique_id "aksyTspmiwlYbLr8Qfo12wAAAAg"], referer: https://www.limobusrichmond.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 08:18:36
(1 week ago)
Blocked by siteaihub.com: geo-block: China (CN)
Hacking
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 18:34:52
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:34:48.056084 2026] [security2:error] [pid 30313:tid 30313] [client 180.153.236.66:36165] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.good4sound.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.good4sound.com"] [uri "/"] [unique_id "akavSFSl_jHkM_GNGVPKsQAAABo"], referer: http://www.good4sound.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 09:33:27
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:33:18.472583 2026] [security2:error] [pid 32404:tid 32404] [client 180.153.236.66:34987] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||modeltdr.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "modeltdr.com"] [uri "/index.html"] [unique_id "akYwXkQg5yliq4TRsgYPfwAAAAg"], referer: https://modeltdr.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 06:42:11
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 180.153.236.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:42:06.027495 2026] [security2:error] [pid 10277:tid 10311] [client 180.153.236.66:14543] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.jofdt.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.jofdt.com"] [uri "/"] [unique_id "akYIPpAqwnx3xWZPgt0prAAAANY"], referer: https://www.jofdt.com/
show less
Brute-Force
Bad Web Bot
Web App Attack