๐บ๐ธ
TPI-Abuse
2026-07-03 07:50:03
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:49:53.190226 2026] [security2:error] [pid 30754:tid 30754] [client 223.81.246.12:2135] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||ic1.biz|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ic1.biz"] [uri "/index.html"] [unique_id "akdpobjmc6IOGCTvlzdwVQAAAAQ"], referer: http://ic1.biz/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 00:45:06
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 20:44:49.730807 2026] [security2:error] [pid 9172:tid 9172] [client 223.81.246.12:2247] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||kotelbarmitzvah.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "kotelbarmitzvah.com"] [uri "/"] [unique_id "akMRgYhGVpe_UErQSELomQAAABU"], referer: https://kotelbarmitzvah.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 19:39:34
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 15:39:22.089680 2026] [security2:error] [pid 30218:tid 30218] [client 223.81.246.12:2415] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.noshsf.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.noshsf.com"] [uri "/"] [unique_id "akLJ6v5YN6ABhRzkRlKL0gAAABI"], referer: http://www.noshsf.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 22:22:10
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 18:22:01.047814 2026] [security2:error] [pid 32371:tid 32371] [client 223.81.246.12:2133] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||visitcampbellford.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "visitcampbellford.com"] [uri "/"] [unique_id "ajMeCdhdIwnw5r-qHAYVlwAAAAY"], referer: http://visitcampbellford.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 22:40:08
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 18:39:56.103997 2026] [security2:error] [pid 1806:tid 1806] [client 223.81.246.12:2053] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.omnitractors.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.omnitractors.com"] [uri "/index.html"] [unique_id "ah4KPOSQty7DotAPKsqB8gAAAAY"], referer: http://www.omnitractors.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-29 21:05:22
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 17:05:11.147687 2026] [security2:error] [pid 6845:tid 6845] [client 223.81.246.12:2262] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.k2medianetworks.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.k2medianetworks.com"] [uri "/"] [unique_id "ahn_hxdq7Jd1DyRkHk0U6gAAAAA"], referer: http://www.k2medianetworks.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-29 20:41:33
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 16:41:17.659580 2026] [security2:error] [pid 31201:tid 31201] [client 223.81.246.12:2375] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.rdsparts.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.rdsparts.com"] [uri "/"] [unique_id "ahn57RTLdlmakdKlEPG41QAAAA4"], referer: http://www.rdsparts.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 02:31:06
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 22:30:58.947035 2026] [security2:error] [pid 1723:tid 1723] [client 223.81.246.12:2073] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||lisalehmann.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "lisalehmann.com"] [uri "/index.html"] [unique_id "ahO0YlqNF0w8eE2Uxx6NXQAAAAI"], referer: http://lisalehmann.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 20:40:09
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 16:39:59.008827 2026] [security2:error] [pid 3591:tid 3591] [client 223.81.246.12:2535] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.stressmyth.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.stressmyth.com"] [uri "/"] [unique_id "ag9tn3LQh2izNxJdMeOXvQAAABo"], referer: http://www.stressmyth.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 21:14:03
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.81.246.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:13:55.103006 2026] [security2:error] [pid 29867:tid 29884] [client 223.81.246.12:2406] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||360degreevalue.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "360degreevalue.com"] [uri "/"] [unique_id "ag4kE_ZvqoUF6Pw-Yxj1HwAAAM4"], referer: http://360degreevalue.com/
show less
Brute-Force
Bad Web Bot
Web App Attack