๐ฌ๐ง
Buster
2026-02-21 15:41:00
(4 months ago)
Script kiddie distributed attack attempts from Perm Blocked ASN and country
Open Proxy
Brute-Force
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-01-17 06:34:26
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:34:04.062232 2026] [security2:error] [pid 26704:tid 26704] [client 194.39.33.23:36361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-content/plugins/wpsite-background-takeover/exports/download.php"] [unique_id "aWstXMr-XalsesQdJu5bxgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 17:44:26
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:40:29.811540 2025] [security2:error] [pid 27855:tid 28185] [client 194.39.33.23:43107] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.kettlehill.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/\\\\windows/win.ini"] [unique_id "aVK9Da0TyVBQ9TgqIEXCcgAAARI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
RoboSOC
2025-10-16 08:38:24
(8 months ago)
Webmin Command Injection Vulnerability, PTR: PTR record not found
Hacking
๐บ๐ธ
TPI-Abuse
2025-07-27 00:15:36
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:14:31.458967 2025] [security2:error] [pid 172229:tid 172487] [client 194.39.33.23:42993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.net"] [uri "/wp-config.php.inc"] [unique_id "aIVvZ-Zd-uShJ73phjvbugAAARY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-29 22:07:10
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 18:07:06.866725 2025] [security2:error] [pid 3617097:tid 3617097] [client 194.39.33.23:36503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmers123.com"] [uri "/.env.old"] [unique_id "aDjainowAW1-62_ysWnPngAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-02-28 21:37:41
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.39.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 16:37:12.230806 2025] [security2:error] [pid 14428:tid 14463] [client 194.39.33.23:56313] [client 194.39.33.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.net"] [uri "/wp-config.php.bak"] [unique_id "Z8IsiBm7d7FF9Owj7l3jBgAAAJU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-15 12:40:38
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
ChamberofCommerce.com
2023-11-06 02:30:06
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-11-04 02:14:38
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-10-30 10:35:48
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐ณ๐ฑ
true.nl
2023-08-24 20:00:00
(2 years ago)
This IP was part of a DDoS http flood on fietsunie.nl [87.233.134.87] from UTC 24-08-2023 18:00 unt ...
show more
This IP was part of a DDoS http flood on fietsunie.nl [87.233.134.87] from UTC 24-08-2023 18:00 until 25-08-2023 1:00
show less
DDoS Attack