๐บ๐ธ
TPI-Abuse
2026-01-27 03:23:57
(5 months ago)
(mod_security) mod_security (id:212620) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:212620) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 22:23:52.433103 2026] [security2:error] [pid 25623:tid 25642] [client 194.39.33.7:48033] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.kettlehill.kettlehill.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /natemail.php?recipient=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.kettlehill.com"] [uri "/NateMail.php"] [unique_id "aXgvyEnFQpvwgxC6L2Hv4wAAAZA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 06:30:25
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:30:19.723580 2026] [security2:error] [pid 24551:tid 24551] [client 194.39.33.7:41827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.example"] [unique_id "aWsse_a9VCpQmIQusywzHQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-13 13:14:27
(8 months ago)
(mod_security) mod_security (id:221260) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:221260) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 08:14:22.024051 2025] [security2:error] [pid 6396:tid 6396] [client 194.39.33.7:50513] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||ftp.nbcnewsradio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/debug.cgi"] [unique_id "aRXZrj2WCxVLkJwxYeK8IwAAABc"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-26 23:56:08
(11 months ago)
(mod_security) mod_security (id:221260) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:221260) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:55:39.904059 2025] [security2:error] [pid 24708:tid 24743] [client 194.39.33.7:49149] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||cpanel.kettlehill.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/test.cgi"] [unique_id "aIVq-9CGcANRee83lKGZwgAAAAQ"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-29 17:21:09
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:20:57.035844 2025] [security2:error] [pid 3048193:tid 3048193] [client 194.39.33.7:50441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.farmers123.com"] [uri "/wp-config.php.inc"] [unique_id "aDiXeWNCsQxyG5uSdtPK5AAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
CR Honey Pot
2025-04-05 20:09:04
(1 year ago)
BruteForce IMAP
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-02-28 21:23:59
(1 year ago)
(mod_security) mod_security (id:212620) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:212620) triggered by 194.39.33.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 16:22:25.334872 2025] [security2:error] [pid 23837:tid 24041] [client 194.39.33.7:51727] [client 194.39.33.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.kettlehill.net|F|2"] [data "Matched Data: <script found within REQUEST_URI: /?s=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.net"] [uri "/"] [unique_id "Z8IpET1KnSVqVZYv4ID4rwAAAsE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
EGP Abuse Dept
2025-01-22 07:37:29
(1 year ago)
SQL injection attack
SQL Injection
Anonymous
2025-01-17 15:20:18
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐ฏ๐ต
niico
2024-07-19 23:26:13
(1 year ago)
Scraping while changing the IP address, sometimes within the same allocated block
Brute-Force
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-11-06 00:57:05
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-11-02 04:22:53
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-10-30 20:46:49
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227
show less
Bad Web Bot
๐ณ๐ฑ
true.nl
2023-08-24 20:00:00
(2 years ago)
This IP was part of a DDoS http flood on fietsunie.nl [87.233.134.87] from UTC 24-08-2023 18:00 unt ...
show more
This IP was part of a DDoS http flood on fietsunie.nl [87.233.134.87] from UTC 24-08-2023 18:00 until 25-08-2023 1:00
show less
DDoS Attack