|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 21:29:11.913662 2026] [security2:error] [pid 16012:tid 16023] [client 58.255.236.213:5423] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||wpe.uk.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "wpe.uk.com"] [uri "/index.php"] [unique_id "aksE590a9TG6qAPBuHS_rwAAAIg"], referer: http://wpe.uk.com/index.php
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:16:12.052233 2026] [security2:error] [pid 9624:tid 9624] [client 58.255.236.213:5640] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||casaluzislamujeres.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "casaluzislamujeres.com"] [uri "/"] [unique_id "akhQzPi24Mb2CtnOLqkOjAAAAAA"], referer: http://casaluzislamujeres.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:12:01.833958 2026] [security2:error] [pid 20353:tid 20353] [client 58.255.236.213:5251] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.socialalchemy.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.socialalchemy.com"] [uri "/"] [unique_id "akgXkeAlgcVXkfhlIaFP8gAAAAw"], referer: https://www.socialalchemy.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:39:22.880041 2026] [security2:error] [pid 6966:tid 6966] [client 58.255.236.213:5406] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.bikiniadvice.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bikiniadvice.com"] [uri "/"] [unique_id "akc8-u4Mt7HV727APmrkRQAAAAw"], referer: http://www.bikiniadvice.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 06:51:11.336965 2026] [security2:error] [pid 1714:tid 1714] [client 58.255.236.213:5947] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||ohwaitiforgot.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ohwaitiforgot.com"] [uri "/"] [unique_id "akZCn03AcnySpHbtWBqWBwAAAAY"], referer: http://ohwaitiforgot.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:04:06.097248 2026] [security2:error] [pid 24736:tid 24736] [client 58.255.236.213:4720] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||garrygwilt.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "garrygwilt.com"] [uri "/"] [unique_id "ajMLxu56IkrQm-vdOKfSZQAAAAE"], referer: http://garrygwilt.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 10:08:03.344738 2026] [security2:error] [pid 8728:tid 8728] [client 58.255.236.213:4703] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||spencertatescam.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "spencertatescam.com"] [uri "/"] [unique_id "ajFYw8MyW0HD13SHJe0olQAAAAc"], referer: http://spencertatescam.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
π¨π³
pengpeng
|
|
monitor: on VM-0-7-ubuntu | port: 80 | ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter
|
Port Scan
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 17:18:29.013693 2026] [security2:error] [pid 1279722:tid 1279722] [client 58.255.236.213:7308] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.sfee.info|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sfee.info"] [uri "/"] [unique_id "aW1cNRdc5d3Gsd3_hIc0JAAAABo"], referer: http://www.sfee.info/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 58.255.236.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 19:14:13.805748 2026] [security2:error] [pid 17131:tid 17131] [client 58.255.236.213:8149] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||cartoondelivery.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "cartoondelivery.com"] [uri "/403.shtml"] [unique_id "aWbf1QmhKW2T_5gi8G8maAAAAA0"], referer: https://cartoondelivery.com/403.shtml
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΏπ¦
IrisFlower
|
|
Unauthorized connection attempt detected from IP address 58.255.236.213 to port 443 [J]
|
Port Scan
Hacking
|
|