๐บ๐ธ
TPI-Abuse
2026-07-02 00:57:16
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 20:57:05.880190 2026] [security2:error] [pid 19596:tid 19596] [client 39.154.8.95:14063] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.spirits66.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.spirits66.com"] [uri "/"] [unique_id "akW3YcXPehYsIYDD9-822AAAAB8"], referer: https://www.spirits66.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 02:27:22
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 22:27:11.170617 2026] [security2:error] [pid 26841:tid 26841] [client 39.154.8.95:7778] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.sawtoothstudios.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sawtoothstudios.com"] [uri "/"] [unique_id "akR6_0WZbO_1XjMQBpr1jwAAAAI"], referer: http://www.sawtoothstudios.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-03-31 22:18:56
(3 months ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/39.154.8.95
2026-03-31 04:3 ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/39.154.8.95
2026-03-31 04:37:06 /
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 02:47:53
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 28 22:47:42.578644 2026] [security2:error] [pid 21448:tid 21448] [client 39.154.8.95:14701] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.title23.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.title23.com"] [uri "/"] [unique_id "aciSzh2L2rQJl52gpw5kywAAAAg"], referer: http://www.title23.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-25 22:47:59
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 18:47:51.537334 2026] [security2:error] [pid 20589:tid 20589] [client 39.154.8.95:25657] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||lloydprins.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "lloydprins.com"] [uri "/"] [unique_id "acRmFxFOXi_SkeIuhjFJygAAAA4"], referer: http://lloydprins.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 02:00:05
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 21:59:54.288954 2026] [security2:error] [pid 31650:tid 31688] [client 39.154.8.95:9904] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||mastersofthesecrets.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mastersofthesecrets.com"] [uri "/"] [unique_id "ab37muC80wPqD-WtJuNT3wAAAIs"], referer: https://mastersofthesecrets.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-15 19:53:19
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 15:53:08.808517 2026] [security2:error] [pid 6182:tid 6182] [client 39.154.8.95:9907] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||goldengatecorgis.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "goldengatecorgis.org"] [uri "/index.php"] [unique_id "abcOJMeK0iXNL9gVG3BhrgAAABQ"], referer: http://goldengatecorgis.org/index.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-16 00:22:28
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.8.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 19:22:18.764083 2026] [security2:error] [pid 20520:tid 20520] [client 39.154.8.95:12886] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.beautyradio.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.beautyradio.com"] [uri "/"] [unique_id "aZJjOveUswpIUdFbGBMz5gAAABw"], referer: http://www.beautyradio.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-09-12 22:21:25
(9 months ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/39.154.8.95
2025-09-12 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/39.154.8.95
2025-09-12 02:46:59 /sitemap.xml
show less
Web App Attack
๐บ๐ธ
kosada.com
2025-09-10 22:04:19
(9 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
๐ธ๐ช
cheatmaster.store
2025-06-09 00:51:26
(1 year ago)
Blocked on port 23398 (TTL:157, LEN:75, TOS:0x00). Reason: UFW BLOCK IN=eth0 OUT= MAC=00:11:22:33:44 ...
show more
Blocked on port 23398 (TTL:157, LEN:75, TOS:0x00). Reason: UFW BLOCK IN=eth0 OUT= MAC=00:11:22:33:44:55 SRC=39.154.8.95 DST=45.134.39.16 LEN=75 TOS=0x00 PREC=0x00 TTL=157 ID=12345 PROTO=TCP SPT=12345 DPT=23398 WINDOW=65535 RES=0x00 SYN URGP=0. Reported by DigitalLodge Security.
show less
Hacking
Brute-Force