๐บ๐ธ
TPI-Abuse
2026-07-03 12:34:39
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:34:36.586210 2026] [security2:error] [pid 23150:tid 23170] [client 60.27.225.146:16942] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.draas.info|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.draas.info"] [uri "/"] [unique_id "akesXNk5lSCl_6D6w_J3-wAAAFE"], referer: http://www.draas.info/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:45:42
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:45:37.911650 2026] [security2:error] [pid 10039:tid 10039] [client 60.27.225.146:17726] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||cityindustries.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "cityindustries.com"] [uri "/index.html"] [unique_id "akeg4Xew3dGxncZyjsVqyQAAAAA"], referer: http://cityindustries.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 05:10:09
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:10:04.408917 2026] [security2:error] [pid 32349:tid 32354] [client 60.27.225.146:17746] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.secdc.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.secdc.org"] [uri "/index.html"] [unique_id "akdELFV8Mtx1mG6NHruL3gAAAII"], referer: http://www.secdc.org/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 03:33:11
(3 days ago)
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 23:33:03.890289 2026] [security2:error] [pid 11046:tid 11046] [client 60.27.225.146:17422] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tcmu.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tcmu.org"] [uri "/index.html"] [unique_id "akSKb7eIVINmbb8rFNoROAAAAAE"], referer: https://tcmu.org/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 11:22:40
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:22:35.322343 2026] [security2:error] [pid 20509:tid 20509] [client 60.27.225.146:17400] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||mydarklady.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mydarklady.com"] [uri "/"] [unique_id "akOm-14cqQlcD1_vmK79CAAAABU"], referer: http://mydarklady.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 01:17:37
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:17:31.974704 2026] [security2:error] [pid 433:tid 433] [client 60.27.225.146:18333] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||gospectre.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "gospectre.com"] [uri "/"] [unique_id "akMZK2SSBy5bEZCThG7tkgAAACM"], referer: http://gospectre.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 19:33:26
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.225.146 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 15:33:22.550055 2026] [security2:error] [pid 23965:tid 23965] [client 60.27.225.146:17233] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.walterceron.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.walterceron.com"] [uri "/"] [unique_id "akLIgjzzwfFI1tkQpNK5HQAAAAQ"], referer: https://www.walterceron.com/
show less
Brute-Force
Bad Web Bot
Web App Attack