๐บ๐ธ
TPI-Abuse
2026-07-12 19:32:08
(16 hours ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 15:31:51.426978 2026] [security2:error] [pid 30961:tid 30961] [client 60.5.185.137:33361] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||designamb.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "designamb.com"] [uri "/"] [unique_id "alPrp3dDdJx_3rM7lLeN8gAAAAY"], referer: http://designamb.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 03:35:48
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 23:35:32.089624 2026] [security2:error] [pid 7543:tid 7543] [client 60.5.185.137:62471] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||maleein.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "maleein.com"] [uri "/index.html"] [unique_id "alG6BKTCaJw5SR7EAXH4TgAAAAY"], referer: http://maleein.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 01:17:32
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 21:17:15.174187 2026] [security2:error] [pid 13306:tid 13306] [client 60.5.185.137:25328] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.crearetest.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.crearetest.com"] [uri "/"] [unique_id "aksCG8DMncXbiL4fjZXjqwAAAAM"], referer: http://www.crearetest.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 13:13:07
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:12:50.879664 2026] [security2:error] [pid 1222:tid 1253] [client 60.5.185.137:52589] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||bakmail.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "bakmail.net"] [uri "/"] [unique_id "akZj0jLhIqm_CJ71QCH1ngAAAVg"], referer: http://bakmail.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:35:20
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:35:03.242538 2026] [security2:error] [pid 13160:tid 13160] [client 60.5.185.137:38638] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.aaabft.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.aaabft.com"] [uri "/"] [unique_id "akWWFxjZ3eh1DPKnL3qBkQAAAAA"], referer: http://www.aaabft.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 23:11:04
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:10:50.311622 2026] [security2:error] [pid 15190:tid 15190] [client 60.5.185.137:33671] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.15tobefit.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.15tobefit.com"] [uri "/index.html"] [unique_id "akL7eq7U2vrvBBc7oI_tcAAAAAA"], referer: http://www.15tobefit.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 22:08:47
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 18:08:30.072788 2026] [security2:error] [pid 29032:tid 29105] [client 60.5.185.137:45352] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.forrestwozniak.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.forrestwozniak.com"] [uri "/"] [unique_id "ahdrXmwfNmk6papy3W59zAAAAUw"], referer: http://www.forrestwozniak.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-04-03 23:01:09
(3 months ago)
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-04-03 ...
show more
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-04-03 00:26:00 /config.json
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-04-02 23:07:19
(3 months ago)
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-04-02 ...
show more
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-04-02 22:53:54 /sitemap.xml
2026-04-02 17:06:36 /sitemap.xml
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-03-31 22:52:43
(3 months ago)
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-03-31 ...
show more
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-03-31 07:27:49 /config.json
2026-03-31 05:01:10 /robots.txt
2026-03-31 09:29:29 /
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-03-30 22:56:40
(3 months ago)
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-03-30 ...
show more
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.137
2026-03-30 08:33:39 /
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-22 21:43:29
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 17:43:17.350078 2026] [security2:error] [pid 7077:tid 7077] [client 60.5.185.137:64143] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.susanoneill.us|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.susanoneill.us"] [uri "/"] [unique_id "acBidV-qi-uY4TlhQAxSWgAAAA8"], referer: https://www.susanoneill.us/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-15 20:14:14
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 16:13:56.546142 2026] [security2:error] [pid 24058:tid 24134] [client 60.5.185.137:14186] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.metrobaselexpoforum.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.metrobaselexpoforum.org"] [uri "/"] [unique_id "abcTBOBjnLh3hc58XNAaDQAAAMI"], referer: http://www.metrobaselexpoforum.org/
show less
Brute-Force
Bad Web Bot
Web App Attack