๐บ๐ธ
TPI-Abuse
2026-07-15 19:30:50
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 15:30:44.101428 2026] [security2:error] [pid 31036:tid 31036] [client 60.24.209.167:18778] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||manty.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "manty.com"] [uri "/"] [unique_id "alff5JiEJsy_j3VtgeetHgAAABw"], referer: http://manty.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 05:31:18
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 01:31:15.200006 2026] [security2:error] [pid 2426:tid 2426] [client 60.24.209.167:20318] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ussthresher.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ussthresher.com"] [uri "/"] [unique_id "alcbI5y8ftvCk3JCQOymHgAAAA0"], referer: https://www.ussthresher.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 04:22:37
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 00:22:28.942700 2026] [security2:error] [pid 3591:tid 3591] [client 60.24.209.167:18567] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.switkoprofiri.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.switkoprofiri.org"] [uri "/"] [unique_id "alcLBF3KiU7u_d7ukXw1TAAAAAM"], referer: http://www.switkoprofiri.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 20:25:04
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 16:24:57.322655 2026] [security2:error] [pid 18807:tid 18807] [client 60.24.209.167:20259] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.aares2026.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.aares2026.net"] [uri "/index.html"] [unique_id "alabGR-Wu_4Geiy7iYR_ZQAAAAw"], referer: https://www.aares2026.net/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 02:58:01
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:57:53.831792 2026] [security2:error] [pid 21812:tid 21812] [client 60.24.209.167:20025] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||scarletveil.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "scarletveil.org"] [uri "/"] [unique_id "alWlsdzk4zjMnIyxJRYFGQAAAAk"], referer: http://scarletveil.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 20:09:42
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 16:09:36.892937 2026] [security2:error] [pid 23713:tid 23713] [client 60.24.209.167:20030] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.watonga.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.watonga.com"] [uri "/index.html"] [unique_id "alVGAN-cUSAER2mrEsDhxQAAABU"], referer: http://www.watonga.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 00:51:52
(5 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 20:51:47.398399 2026] [security2:error] [pid 30571:tid 30571] [client 60.24.209.167:20355] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||alpinexport.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "alpinexport.com"] [uri "/"] [unique_id "alQ2oxi-31BFes0N1gW44AAAAAw"], referer: http://alpinexport.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 22:07:38
(5 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 18:07:32.831954 2026] [security2:error] [pid 28473:tid 28473] [client 60.24.209.167:19933] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.gkerby.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.gkerby.com"] [uri "/"] [unique_id "alQQJHiz0ER8qnObxe1L0gAAAAw"], referer: http://www.gkerby.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 20:40:44
(5 days ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 16:40:38.364520 2026] [security2:error] [pid 425:tid 425] [client 60.24.209.167:20102] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.tallersprats.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.tallersprats.com"] [uri "/"] [unique_id "alP7xn0vJJrJE43iViYolQAAABQ"], referer: http://www.tallersprats.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-28 05:03:43
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 00:03:36.023272 2026] [security2:error] [pid 27601:tid 27601] [client 60.24.209.167:16623] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||rokket.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "rokket.com"] [uri "/index.html"] [unique_id "aaJ3KAld18lALzM3RKJ2RQAAAAA"], referer: http://rokket.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 22:24:29
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 17:24:21.393704 2026] [security2:error] [pid 15540:tid 15540] [client 60.24.209.167:17284] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.high5-vr.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.high5-vr.com"] [uri "/"] [unique_id "aZzTlY8942z07UqUyS_KnwAAAAE"], referer: https://www.high5-vr.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 22:30:36
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 17:30:30.294575 2026] [security2:error] [pid 5274:tid 5274] [client 60.24.209.167:16674] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||caferutadelaseda.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "caferutadelaseda.com"] [uri "/"] [unique_id "aZuDhha-_QFJ87aJOtsEAgAAAAE"], referer: http://caferutadelaseda.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 21:21:22
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 16:21:18.094666 2026] [security2:error] [pid 24719:tid 24719] [client 60.24.209.167:16958] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||mtgretnacampmeeting.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mtgretnacampmeeting.com"] [uri "/"] [unique_id "aZtzTuH6brrkC5xiHX9bKwAAAAk"], referer: http://mtgretnacampmeeting.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 02:56:00
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 60.24.209.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 21:55:51.741926 2026] [security2:error] [pid 2943:tid 2943] [client 60.24.209.167:16442] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||eileensharaga.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "eileensharaga.com"] [uri "/"] [unique_id "aZpwN9yuynGlOWHM98pLRQAAAAQ"], referer: https://eileensharaga.com/
show less
Brute-Force
Bad Web Bot
Web App Attack