๐ฉ๐ช
HandyTreff.de
2026-07-11 02:46:56
(12 hours ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -64.613 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -64.613 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.26
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 06:05:49
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:05:44.471025 2026] [security2:error] [pid 25250:tid 25250] [client 183.199.180.18:17750] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||m.floorswedo.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "m.floorswedo.com"] [uri "/"] [unique_id "ak86OBtA9E1VarTxtpz-cgAAAAI"], referer: http://m.floorswedo.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 02:58:24
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 22:58:17.602455 2026] [security2:error] [pid 30142:tid 30142] [client 183.199.180.18:20893] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||thekingtones.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thekingtones.com"] [uri "/"] [unique_id "ak8OSaKauP3hbv7ugV6OaQAAABM"], referer: http://thekingtones.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 02:32:24
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 22:32:16.426534 2026] [security2:error] [pid 10496:tid 10496] [client 183.199.180.18:6110] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||rondeal.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "rondeal.com"] [uri "/index.html"] [unique_id "ak8IMKLVwWLfLTZeri-UzAAAAAA"], referer: https://rondeal.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 10:12:00
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:11:52.834686 2026] [security2:error] [pid 1509:tid 1513] [client 183.199.180.18:1838] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.citydentalclinic.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.citydentalclinic.com"] [uri "/"] [unique_id "akzQ6GlhtRWGJLCNO1M8jgAAAEI"], referer: http://www.citydentalclinic.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 08:00:00
(5 days ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:59:54.438605 2026] [security2:error] [pid 22026:tid 22026] [client 183.199.180.18:19353] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||circleway.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "circleway.org"] [uri "/"] [unique_id "aktgelP1_NhupJqsP4VIgAAAAAs"], referer: http://circleway.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:20:57
(5 days ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:20:49.344418 2026] [security2:error] [pid 29471:tid 29471] [client 183.199.180.18:16269] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.charityroast.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.charityroast.net"] [uri "/"] [unique_id "akrYwTVt7QFmizropE8ajwAAABQ"], referer: http://www.charityroast.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-07-05 19:39:47
(5 days ago)
[SunJul0521:39:41.7257582026][security2:error][pid62327:tid62607][client183.199.180.18:0]ModSecurity ...
show more
[SunJul0521:39:41.7257582026][security2:error][pid62327:tid62607][client183.199.180.18:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof\"rx\(http://bsalsa\\\\\\\\.com\|\^site24x7\)\"against\"REQUEST_HEADERS:User-Agent\"required.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"282\"][id\"330094\"][rev\"5\"][msg\"Atomicorp.comWAFRules:CompromisedUser-AgentAgentAttackblocked\"][severity\"CRITICAL\"][hostname\"www.executivekotech.com\"][uri\"/\"][unique_id\"akqy_V0QObrtJHiELBXsvgAAAMM\"]\,referer:http://www.executivekotech.com/
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 19:54:18
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 15:54:13.444879 2026] [security2:error] [pid 14787:tid 14787] [client 183.199.180.18:7865] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.hawaiireservations.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.hawaiireservations.com"] [uri "/"] [unique_id "ah3jZRgHy-kZkOSpUxx1ngAAAAI"], referer: http://www.hawaiireservations.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-23 21:15:19
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 17:15:13.872122 2026] [security2:error] [pid 16307:tid 16307] [client 183.199.180.18:13261] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||nymarts.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "nymarts.com"] [uri "/index.html"] [unique_id "ahIY4SPSUD0zfxc59HGfJQAAAG4"], referer: https://nymarts.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-05-05 23:23:42
(2 months ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.180.18
2026-05-05 1 ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.180.18
2026-05-05 12:42:32 /favicon.ico
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 19:25:07
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 15:25:00.092557 2026] [security2:error] [pid 10563:tid 10563] [client 183.199.180.18:5386] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||robcohn.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "robcohn.com"] [uri "/"] [unique_id "adAUDNkbI5AXvlkwjFlykgAAAAY"], referer: http://robcohn.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-03-26 23:52:08
(3 months ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.180.18
2026-03-26 1 ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.180.18
2026-03-26 12:48:51 /config.json
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-03-25 23:32:37
(3 months ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.180.18
2026-03-25 0 ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.180.18
2026-03-25 07:15:23 /sitemap.xml
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-01 22:39:05
(5 months ago)
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 183.199.180.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 17:39:00.617752 2026] [security2:error] [pid 11103:tid 11103] [client 183.199.180.18:13584] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||hawkinsenterprise.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "hawkinsenterprise.com"] [uri "/"] [unique_id "aX_WBAzaQ0pL5WgNLNX5zwAAABI"], referer: http://hawkinsenterprise.com/
show less
Brute-Force
Bad Web Bot
Web App Attack