๐จ๐ญ
backslash
2026-04-19 02:48:00
(2 months ago)
block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8
Bad Web Bot
๐ซ๐ท
dynamix
2026-04-16 15:22:30
(2 months ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-04-13 07:11:13
(3 months ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-03-06 10:50:03
(4 months ago)
| Shellshock attack detected
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-02-01 11:36:38
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:34:14.230956 2026] [security2:error] [pid 16722:tid 16890] [client 191.101.41.193:56007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/.env."] [unique_id "aX86NsyMbG6v0xSDvGJfoQAAAsQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-01-11 14:30:07
(6 months ago)
block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-11-12 09:02:46
(8 months ago)
(mod_security) mod_security (id:210492) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 04:02:41.093799 2025] [security2:error] [pid 30765:tid 30765] [client 191.101.41.193:43715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nbcnewsradio.com"] [uri "/_.htaccess"] [unique_id "aRRNMa8_u17ztpsCg7pUFAAAADA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 15:44:28
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 11:44:20.033509 2025] [security2:error] [pid 30110:tid 30160] [client 191.101.41.193:48833] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.net|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/db_config.php.bak"] [unique_id "aN1MVMkWrLLgoGKIU58jcAAAAc8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-01 07:45:43
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 03:45:40.012663 2025] [security2:error] [pid 2749697:tid 2749814] [client 191.101.41.193:47145] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kettlehill.kettlehill.com|F|2"] [data ".com.db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/kettlehill.com.db"] [unique_id "aDwFJGzUxJS8AZi9Bz3ieAAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-30 19:36:32
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.101.41.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 15:36:28.883904 2025] [security2:error] [pid 581923:tid 581923] [client 191.101.41.193:43965] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nbcnewsradio.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nbcnewsradio.com"] [uri "/\\\\windows/win.ini"] [unique_id "aDoIvE16KAQcwMUXwRAc6wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2024-03-24 14:08:08
(2 years ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ซ๐ท
uhlhosting
2024-03-23 19:59:44
(2 years ago)
darkbot.in 191.101.41.193 - - [23/Mar/2024:20:59:43.179346 +0100] "GET //small.php HTTP/1.1" 403 199 ...
show more
darkbot.in 191.101.41.193 - - [23/Mar/2024:20:59:43.179346 +0100] "GET //small.php HTTP/1.1" 403 199 "-" "-" Zf80r1VMiBNyR7bHPuUNEwAAAUI "-" /apache/20240323/20240323-2059/20240323-205943-Zf80r1VMiBNyR7bHPuUNEwAAAUI 0 1654 md5:5d366d94d21453f6025eb92b6f2a2798
darkbot.in 191.101.41.193 - - [23/Mar/2024:20:59:43.514876 +0100] "GET //wp-content/plugins/seooo/alfanew.php7 HTTP/1.1" 403 199 "-" "-" Zf80r1VMiBNyR7bHPuUNFgAAAUk "-" /apache/20240323/20240323-2059/20240323-205943-Zf80r1VMiBNyR7bHPuUNFgAAAUk 0 1707 md5:5bc0d607d8327c32f5207ec07a9c9698
darkbot.in 191.101.41.193 - - [23/Mar/2024:20:59:43.691811 +0100] "GET //includes/alfanew.php HTTP/1.1" 403 199 "-" "-" Zf80r1VMiBNyR7bHPuUNGQAAAUE "-" /apache/20240323/20240323-2059/20240323-205943-Zf80r1VMiBNyR7bHPuUNGQAAAUE 0 1673 md5:80b7f03c5cbc82fb46766e5cc567b677
darkbot.in 191.101.41.193 - - [23/Mar/2024:20:59:43.930232 +0100] "GET //wp-includes/Text/Diff/Engine/alfanew.php HTTP/1.1" 403 199 "-" "-" Zf80r1VMiBNyR7bHPuUNGgAAAUg "-" /apach
...
show less
DDoS Attack
Brute-Force
๐ช๐ธ
10dencehispahard SL
2024-03-13 00:04:30
(2 years ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
๐ซ๐ท
urmarcht
2024-01-03 14:16:43
(2 years ago)
Bot attack detected : webscan vurnerability
Web App Attack
๐ฉ๐ช
Bedios GmbH
2024-01-03 10:42:56
(2 years ago)
Vulnerability Probe
Hacking