๐บ๐ธ
TPI-Abuse
2026-07-03 23:18:10
(14 hours ago)
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:18:03.548132 2026] [security2:error] [pid 7287:tid 7287] [client 36.143.40.11:19336] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ericgwin.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ericgwin.com"] [uri "/"] [unique_id "akhDK47e8wJVBdvKXL0s8QAAAAw"], referer: http://www.ericgwin.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 15:50:45
(22 hours ago)
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 11:50:38.318237 2026] [security2:error] [pid 14962:tid 15009] [client 36.143.40.11:19458] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.boracayboats.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.boracayboats.com"] [uri "/"] [unique_id "akfaTuUaa_0tprgyA3JrLQAAAEw"], referer: http://www.boracayboats.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 18:53:31
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 14:53:27.122925 2026] [security2:error] [pid 14926:tid 14926] [client 36.143.40.11:3900] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tomkatkaraoke.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tomkatkaraoke.com"] [uri "/"] [unique_id "ah3VJ5QcNchvZpgYg91P0gAAAAg"], referer: http://tomkatkaraoke.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 21:31:18
(2 months ago)
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 17:31:10.525968 2026] [security2:error] [pid 8684:tid 8684] [client 36.143.40.11:16113] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.nodepot.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.nodepot.com"] [uri "/"] [unique_id "adGDHpZpBXTozi9S8deAZwAAAAw"], referer: https://www.nodepot.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-22 23:08:01
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 19:07:55.823884 2026] [security2:error] [pid 2112:tid 2112] [client 36.143.40.11:4240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||watongalodging.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "watongalodging.com"] [uri "/index.html"] [unique_id "acB2S8rZtH9VXq8rpRgbggAAAAs"], referer: https://watongalodging.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-17 21:08:40
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 17 17:08:33.010489 2026] [security2:error] [pid 19655:tid 19679] [client 36.143.40.11:19422] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.guitarmans.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.guitarmans.com"] [uri "/"] [unique_id "abnC0RrpDmRo-GshhRiJNwAAANQ"], referer: http://www.guitarmans.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-16 12:32:45
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 16 07:32:40.597724 2026] [security2:error] [pid 1987630:tid 1987658] [client 36.143.40.11:31751] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||bhhg.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "bhhg.org"] [uri "/"] [unique_id "aZMOaHXsSoE-ZpTo2PwnUQAAARc"], referer: https://bhhg.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-23 03:05:13
(9 months ago)
(mod_security) mod_security (id:210350) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210350) triggered by 36.143.40.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 23:05:08.872995 2025] [security2:error] [pid 32574:tid 32574] [client 36.143.40.11:12633] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.renju.net|F|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/130/game/84538/"] [unique_id "aNIOZDRRXwCp_xN4jkfqmwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bigorre.org
2025-09-10 10:03:31
(9 months ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐จ๐ญ
backslash
2025-08-03 05:00:13
(11 months ago)
block ruleset 43A7B4C84F1C495B355A170A3ABE0D75374A5E0D
Bad Web Bot