๐บ๐ธ
TPI-Abuse
2026-07-15 17:35:56
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): ...
show more
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 13:35:50.213388 2026] [security2:error] [pid 892700:tid 892700] [client 167.114.139.61:19674] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||livesteamtracks.info|F|2"] [data ".maricopalivesteamers.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "livesteamtracks.info"] [uri "/poi/www.maricopalivesteamers.com"] [unique_id "alfE9rdi2IVoytXWSqFa7QAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 23:18:06
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): ...
show more
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 19:18:00.424721 2026] [security2:error] [pid 32494:tid 32494] [client 167.114.139.61:17670] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||med-engineering.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "med-engineering.com"] [uri "/femalegra.com"] [unique_id "akmUqE8ooZY3J5BKzEZQPgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hazzard
2026-06-18 00:44:47
(1 month ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)
Bad Web Bot
๐บ๐ธ
etu brutus
2026-06-11 05:13:58
(1 month ago)
167.114.139.61 Blocked by [Attack Vector List]
...
Hacking
Brute-Force
Exploited Host
๐ฉ๐ช
ghostwarriors
2026-06-06 05:50:45
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-05-06 02:50:10
(2 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 22:32:35
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): ...
show more
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 18:32:28.790447 2026] [security2:error] [pid 833655:tid 833655] [client 167.114.139.61:45662] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Kendall II/Thumbs.db"] [unique_id "adQ0fBauaI4ks2koDe-7_gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-04-06 18:20:42
(3 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
LotPhantom
2026-04-02 06:16:27
(3 months ago)
167.114.139.61 - - [02/Apr/2026:06:15:33 +0000] "GET / HTTP/2.0" 200 35207 "-" "Mozilla/5.0 (compati ...
show more
167.114.139.61 - - [02/Apr/2026:06:15:33 +0000] "GET / HTTP/2.0" 200 35207 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-03-29 04:42:18
(3 months ago)
(mod_security) mod_security (id:217291) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): ...
show more
(mod_security) mod_security (id:217291) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 00:42:13.308222 2026] [security2:error] [pid 29933:tid 29933] [client 167.114.139.61:21808] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n|\\\\r)" at ARGS_NAMES:\\r fromwhere. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)||www.briancastle.com|F|2"] [data "Matched Data: \\x0d found within ARGS_NAMES:\\x5cr fromwhere: \\x0d fromwhere"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.briancastle.com"] [uri "/g12terms.php"] [unique_id "acitpVwMJBOeHTYiTrUPuwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-03-24 15:20:06
(3 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
rtbh.com.tr
2026-03-20 20:12:13
(3 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ฉ๐ช
ghostwarriors
2026-03-20 04:50:26
(3 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-16 13:34:44
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): ...
show more
(mod_security) mod_security (id:210730) triggered by 167.114.139.61 (proxy-ca000-san61.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 09:34:41.285176 2026] [security2:error] [pid 25586:tid 25586] [client 167.114.139.61:51360] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||efhgtc.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "efhgtc.org"] [uri "/[email protected] "] [unique_id "abgG8aA3V8gYe5HHFFA-MgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-03-13 08:50:20
(4 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack