Anonymous
2026-07-11 04:05:03
(10 hours ago)
Automated report (2026-07-11T04:05:03+00:00). Scraper detected.
Bad Web Bot
Open Proxy
Anonymous
2026-07-10 04:59:32
(1 day ago)
Malicious activity detected
Hacking
Web App Attack
Anonymous
2026-07-05 04:11:01
(6 days ago)
Web attack
Bad Web Bot
Web App Attack
๐ธ๐ฌ
securejdprop
2026-07-01 13:51:00
(1 week ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 02:31:46
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:31:41.449083 2026] [security2:error] [pid 12707:tid 12731] [client 119.13.199.44:43627] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/wp-login.php.bak"] [unique_id "ahzvDfr1zQOtbkd9viUwQQAAABQ"], referer: http://kettlehill.com/wp-login.php.bak
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-05-27 07:57:00
(1 month ago)
IPBlock protected site ID [3192-af][s=02].
Exploit request, vulnerability probe.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-01 20:32:51
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:32:44.030168 2026] [security2:error] [pid 3621:tid 3700] [client 119.13.199.44:33729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/wp-config.php.orig"] [unique_id "aaSibCGkUSIuGZsnub39BQAAAIk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-01-26 08:09:31
(5 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
๐ต๐ฑ
rafix
2026-01-14 09:27:31
(5 months ago)
DDoS, #botnet20250114
DDoS Attack
๐ฉ๐ช
HandyTreff.de
2026-01-07 17:16:49
(6 months ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -20.172 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -20.172 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Sa
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2025-12-24 09:43:10
(6 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-12-01 06:59:11
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:59:04.039386 2025] [security2:error] [pid 30768:tid 30774] [client 119.13.199.44:37393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.net"] [uri "/.env.old"] [unique_id "aS08uP5kVQ-rlVW6wYR6TgAAAUI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 15:07:34
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 11:07:28.832234 2025] [security2:error] [pid 12475:tid 12496] [client 119.13.199.44:36233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/api/.env"] [unique_id "aN1DsGCKjmgjI9kURFKZfAAAAVE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-01 09:20:08
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 119.13.199.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 05:20:04.995215 2025] [security2:error] [pid 3904812:tid 3904953] [client 119.13.199.44:34727] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.kettlehill.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/404.php.bak"] [unique_id "aIyGxOifMJM5rDs5cas7CQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-05 14:50:02
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack