πΊπΈ
TPI-Abuse
2026-07-03 07:59:03
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:58:54.690614 2026] [security2:error] [pid 32623:tid 32623] [client 36.159.137.195:27842] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||restlesseye.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "restlesseye.com"] [uri "/"] [unique_id "akdrvsSC43X7bRgXhj2GJwAAAAs"], referer: http://restlesseye.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 02:04:09
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:04:04.196402 2026] [security2:error] [pid 3884:tid 3899] [client 36.159.137.195:27958] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||heworeblack.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "heworeblack.com"] [uri "/"] [unique_id "akXHFL3HAfmVZJQtCLUAfgAAAE0"], referer: http://heworeblack.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 11:23:10
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:23:02.204615 2026] [security2:error] [pid 32294:tid 32294] [client 36.159.137.195:1862] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||sheargrafix.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "sheargrafix.com"] [uri "/index.html"] [unique_id "akEEFuw1khfyZw1lKBlTjAAAAAs"], referer: http://sheargrafix.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-25 23:20:17
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 19:20:09.308174 2026] [security2:error] [pid 21543:tid 21543] [client 36.159.137.195:36115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||aquatech-ind.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "aquatech-ind.com"] [uri "/index.html"] [unique_id "aj23qTkxQD_se3Txe29VEwAAABI"], referer: https://aquatech-ind.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 02:30:18
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 22:30:09.285036 2026] [security2:error] [pid 31955:tid 31955] [client 36.159.137.195:35959] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||barriebrown.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "barriebrown.com"] [uri "/"] [unique_id "ajtBMYQS6K5mtQNMl3VV8AAAAB0"], referer: http://barriebrown.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 21:32:31
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:32:24.957609 2026] [security2:error] [pid 11580:tid 11580] [client 36.159.137.195:27828] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||latonyaproctor.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "latonyaproctor.com"] [uri "/"] [unique_id "ajmp6BRm86NSEnMdG8oD_AAAAAc"], referer: http://latonyaproctor.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 08:30:20
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 04:30:15.873197 2026] [security2:error] [pid 22584:tid 22584] [client 36.159.137.195:28282] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.mountainararattrek.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mountainararattrek.com"] [uri "/"] [unique_id "ajjyl4y__niwS-4U1mBjUwAAADU"], referer: http://www.mountainararattrek.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 02:20:50
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:20:43.213261 2026] [security2:error] [pid 10817:tid 10817] [client 36.159.137.195:15329] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.staben.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.staben.com"] [uri "/"] [unique_id "ahzse17E2JiwHR0m5sEufgAAABI"], referer: https://www.staben.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-25 21:39:11
(5 months ago)
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 36.159.137.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 16:39:03.547674 2026] [security2:error] [pid 15534:tid 15534] [client 36.159.137.195:55154] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||yankeetownfishing.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "yankeetownfishing.com"] [uri "/"] [unique_id "aXaNdxrSAUN_QErPytyxiwAAAA8"], referer: http://yankeetownfishing.com/
show less
Brute-Force
Bad Web Bot
Web App Attack