πΊπΈ
TPI-Abuse
2026-07-11 21:46:37
(11 hours ago)
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 17:46:31.197383 2026] [security2:error] [pid 1794:tid 1794] [client 183.253.120.123:4077] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||gictd.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "gictd.com"] [uri "/index.html"] [unique_id "alK5t83fXvZyOlOA12EOgQAAAAE"], referer: https://gictd.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-11 02:57:30
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 22:57:24.917000 2026] [security2:error] [pid 17306:tid 17306] [client 183.253.120.123:3986] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.linguistes.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.linguistes.com"] [uri "/"] [unique_id "alGxFGdxY9OvLS_dtu_cUAAAAAs"], referer: http://www.linguistes.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 21:55:16
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 17:55:11.433910 2026] [security2:error] [pid 24332:tid 24332] [client 183.253.120.123:3788] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.mtalame.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mtalame.com"] [uri "/"] [unique_id "alFqP-z9xx0seBpcGpZvbAAAAAA"], referer: http://www.mtalame.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 05:46:19
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:46:10.216832 2026] [security2:error] [pid 10755:tid 10755] [client 183.253.120.123:3621] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||jiggajones.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jiggajones.com"] [uri "/index.html"] [unique_id "akdMouwlNXgalMry7oxUeAAAAAY"], referer: http://jiggajones.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 03:50:53
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 23:50:45.522539 2026] [security2:error] [pid 23505:tid 23505] [client 183.253.120.123:4038] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||jambmaster.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jambmaster.com"] [uri "/"] [unique_id "akcxlbYJNmXh5tntoWyrLQAAAAo"], referer: https://jambmaster.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 16:20:47
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 12:20:40.568555 2026] [security2:error] [pid 29551:tid 29551] [client 183.253.120.123:3892] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.walterceron.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.walterceron.com"] [uri "/"] [unique_id "akaP2AqJbGbyb1wWri4JoQAAABk"], referer: https://www.walterceron.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-25 22:54:15
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.253.120.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 18:54:06.780559 2026] [security2:error] [pid 5100:tid 5100] [client 183.253.120.123:3986] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.line2.biz|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.line2.biz"] [uri "/.403.html"] [unique_id "aj2xjujRfYvYryt62UUI-AAAAB0"], referer: https://www.line2.biz/.403.html
show less
Brute-Force
Bad Web Bot
Web App Attack