๐บ๐ธ
TPI-Abuse
2026-07-17 03:40:39
(2 hours ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:40:26.727055 2026] [security2:error] [pid 24262:tid 24302] [client 60.5.185.153:51955] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||barstow-station.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "barstow-station.com"] [uri "/index.html"] [unique_id "almkKqpHxbhvpWV4cc0dygAAAYc"], referer: http://barstow-station.com/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:08:51
(9 hours ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:08:32.999678 2026] [security2:error] [pid 32432:tid 32432] [client 60.5.185.153:37113] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||mickeyinvitations.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mickeyinvitations.com"] [uri "/"] [unique_id "alk6QGY2klazbn-rNSzXfAAAAAs"], referer: http://mickeyinvitations.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 22:59:20
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 18:59:04.554689 2026] [security2:error] [pid 26859:tid 26859] [client 60.5.185.153:13353] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.crusadercreations.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.crusadercreations.com"] [uri "/"] [unique_id "akwzOE48X5S6CNWTerwIkQAAAAs"], referer: http://www.crusadercreations.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 23:39:57
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 19:39:41.796064 2026] [security2:error] [pid 18450:tid 18465] [client 60.5.185.153:46417] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.dwcmachining.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.dwcmachining.com"] [uri "/"] [unique_id "akmZveVp56VxcSpn2sZsQwAAAQs"], referer: https://www.dwcmachining.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:09:23
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:09:08.878714 2026] [security2:error] [pid 23901:tid 23901] [client 60.5.185.153:41826] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.allieleejieun.click|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.allieleejieun.click"] [uri "/"] [unique_id "akgzBAVjjBAgIkHJ2rDe-AAAAF0"], referer: http://www.allieleejieun.click/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 21:25:57
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:25:40.854503 2026] [security2:error] [pid 26781:tid 26781] [client 60.5.185.153:0] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:user-agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.portfoliolighting.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.portfoliolighting.net"] [uri "/"] [unique_id "akA_1NHdWbZjkNIy3sd6YwAAAAU"], referer: https://www.portfoliolighting.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 19:59:24
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 14:59:09.267971 2026] [security2:error] [pid 811:tid 811] [client 60.5.185.153:24400] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.crochetdoilies.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.crochetdoilies.com"] [uri "/"] [unique_id "aZ4DDdRS0Lvp4Xel1wRWKQAAAAI"], referer: https://www.crochetdoilies.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-16 01:20:43
(5 months ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 20:20:30.773280 2026] [security2:error] [pid 1279397:tid 1279484] [client 60.5.185.153:50544] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ianajewellery.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ianajewellery.com"] [uri "/"] [unique_id "aZJw3hiHTdmqibfswvhuZwAAAJM"], referer: https://www.ianajewellery.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-08 23:09:36
(5 months ago)
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 60.5.185.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 18:09:19.985866 2026] [security2:error] [pid 20854:tid 20854] [client 60.5.185.153:40932] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||c-blanchard.online|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "c-blanchard.online"] [uri "/"] [unique_id "aYkXn15wImrd-QRZ3T7mXAAAABU"], referer: http://c-blanchard.online/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-11-27 03:29:52
(7 months ago)
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.153
2025-11-26 ...
show more
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/60.5.185.153
2025-11-26 04:21:02 /
show less
Web App Attack