πΊπΈ
TPI-Abuse
2026-01-17 14:46:45
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 09:46:41.817582 2026] [security2:error] [pid 7141:tid 7141] [client 150.107.225.214:43441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.dev.local"] [unique_id "aWug0bafpe5nRTLdPrp22QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-29 18:55:31
(6 months ago)
(mod_security) mod_security (id:220150) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:220150) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:55:24.549814 2025] [security2:error] [pid 22840:tid 22943] [client 150.107.225.214:60173] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.kettlehill.net|F|2"] [data "-1unionselect1,md5(999999999),3,4,5--"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.kettlehill.net"] [uri "/admin/manage_user.php"] [unique_id "aVLOnPUSdzJ-gbjPWKhJUAAAAIo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-29 10:37:43
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 05:37:37.193882 2025] [security2:error] [pid 29620:tid 29764] [client 150.107.225.214:39759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.net"] [uri "/.env_1"] [unique_id "aSrM8WvS3KDdkNmxDpWnJgAAAkc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΈπͺ
Johan Finn
2025-08-23 13:43:08
(10 months ago)
malicious activity, botnet
Web App Attack
πΊπΈ
TPI-Abuse
2025-07-27 01:29:24
(11 months ago)
(mod_security) mod_security (id:217200) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:217200) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:29:21.749647 2025] [security2:error] [pid 729659:tid 729729] [client 150.107.225.214:48559] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header||cpanel.staging.kettlehill.com|F|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "cpanel.staging.kettlehill.com"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aIWA8X2RRV3bCvyhjSKYiAAAAEg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-22 21:41:34
(1 year ago)
Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2025-05-29 18:47:50
(1 year ago)
(mod_security) mod_security (id:221260) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:221260) triggered by 150.107.225.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 14:45:05.719520 2025] [security2:error] [pid 3192112:tid 3192112] [client 150.107.225.214:45031] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||cpcalendars.farmers123.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/cgi-bin/test-cgi"] [unique_id "aDirMfI92qyxEF6kGh0-gwAAAAo"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
Vincent Helmus
2025-05-16 17:40:16
(1 year ago)
ALL
DNS Compromise
DNS Poisoning
Fraud Orders
DDoS Attack
FTP Brute-Force
Ping of Death
Phishing
Fraud VoIP
Open Proxy
Web Spam
Email Spam
Blog Spam
VPN IP
Port Scan
Hacking
SQL Injection
Spoofing
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
IoT Targeted
Anonymous
2025-02-27 17:30:22
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
πΊπΈ
ChamberofCommerce.com
2023-11-06 01:52:55
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
πΊπΈ
ChamberofCommerce.com
2023-11-02 03:26:21
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
πΊπΈ
ChamberofCommerce.com
2023-10-30 22:40:21
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227
show less
Bad Web Bot