๐บ๐ธ
TPI-Abuse
2026-07-14 03:44:07
(11 hours ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 23:44:00.317904 2026] [security2:error] [pid 22216:tid 22216] [client 182.127.32.109:52956] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.al-harbi.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.al-harbi.com"] [uri "/"] [unique_id "alWwgHakaVQgPETzIh4TQQAAAAw"], referer: http://www.al-harbi.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 00:32:55
(14 hours ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 20:32:51.495065 2026] [security2:error] [pid 12349:tid 12349] [client 182.127.32.109:4060] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.thrudheim.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.thrudheim.org"] [uri "/"] [unique_id "alWDs1K0zfQ0NWvUn6KNjQAAAAo"], referer: http://www.thrudheim.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 22:09:20
(16 hours ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 18:09:11.737285 2026] [security2:error] [pid 19668:tid 19668] [client 182.127.32.109:55594] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.kmg365media.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.kmg365media.com"] [uri "/"] [unique_id "alViB5GBPD3_c9uFDFgmAAAAAAM"], referer: http://www.kmg365media.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 21:12:39
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 17:12:31.722171 2026] [security2:error] [pid 1989:tid 1989] [client 182.127.32.109:63001] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||bobfaw.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "bobfaw.com"] [uri "/"] [unique_id "alQDPxia5kaAiRc5zOuMNQAAAA4"], referer: http://bobfaw.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 23:43:54
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 19:43:48.805406 2026] [security2:error] [pid 23315:tid 23315] [client 182.127.32.109:18162] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.abcollie.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.abcollie.com"] [uri "/"] [unique_id "alGDtD_Cmi1_sGUbp8PS8QAAAAs"], referer: https://www.abcollie.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 07:42:54
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 03:42:47.040873 2026] [security2:error] [pid 22762:tid 22786] [client 182.127.32.109:16562] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||dulemba.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "dulemba.com"] [uri "/index.html"] [unique_id "alCidw4cli3fcUthHxnXoQAAAQY"], referer: https://dulemba.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 23:54:45
(6 days ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 19:54:42.256206 2026] [security2:error] [pid 25285:tid 25285] [client 182.127.32.109:14762] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||delstarr.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "delstarr.com"] [uri "/"] [unique_id "ak2RwsrDDCt5NgOykgNi1wAAAAs"], referer: http://delstarr.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 02:48:53
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:48:48.529073 2026] [security2:error] [pid 11048:tid 11048] [client 182.127.32.109:5055] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.hshr.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.hshr.com"] [uri "/"] [unique_id "aksXkE5drE7YlTWPtfxV8gAAAAE"], referer: http://www.hshr.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 01:40:44
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 21:40:38.227145 2026] [security2:error] [pid 698:tid 698] [client 182.127.32.109:47795] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||rebelhollowfarm.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "rebelhollowfarm.com"] [uri "/"] [unique_id "aksHlml3eyckHl-UIgnVBAAAAAY"], referer: http://rebelhollowfarm.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 23:24:50
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 19:24:42.717176 2026] [security2:error] [pid 385:tid 385] [client 182.127.32.109:29169] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||alohaarts.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "alohaarts.com"] [uri "/"] [unique_id "akrnuivk1KrrRNlAzmc8pgAAAAE"], referer: http://alohaarts.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 21:52:38
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 17:52:34.457572 2026] [security2:error] [pid 7337:tid 7337] [client 182.127.32.109:37323] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||e-zschedule.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "e-zschedule.com"] [uri "/403.shtml"] [unique_id "akmAoqglhBtz632KeIwS_gAAAAU"], referer: https://e-zschedule.com/403.shtml
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 20:00:00
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:59:56.554873 2026] [security2:error] [pid 2073:tid 2073] [client 182.127.32.109:57155] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||pamolson.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "pamolson.org"] [uri "/"] [unique_id "akArvF8RhPTSyvK10EfSxgAAADI"], referer: http://pamolson.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 19:43:55
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:43:48.001587 2026] [security2:error] [pid 9399:tid 9399] [client 182.127.32.109:6802] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||vicommunitygardens.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "vicommunitygardens.org"] [uri "/"] [unique_id "akAn88EL7Yvj-9lq16SkWwAAABE"], referer: http://vicommunitygardens.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 21:10:33
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 182.127.32.109 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 17:10:27.966406 2026] [security2:error] [pid 2459:tid 2459] [client 182.127.32.109:49035] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.garanzuayrec.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.garanzuayrec.com"] [uri "/"] [unique_id "aj7qw6DzYE7mhzaznIIWCQAAAAE"], referer: http://www.garanzuayrec.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-26 01:44:13
(2 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack