๐ง๐ฌ
pa4080
2026-06-15 10:53:39
(2 weeks ago)
Detected by ModSecurity. Host header is an IP address, Request URI: /issues.php
Hacking
Web App Attack
๐ช๐ธ
MrPcap
2026-06-08 09:25:00
(3 weeks ago)
This ip it's performing XSS and SQLi attacks.
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-01 02:18:38
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:18:21.702839 2026] [security2:error] [pid 7732:tid 7758] [client 64.137.75.193:59017] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.kettlehill.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.com"] [uri "/windows/win.ini"] [unique_id "ahzr7SKq_i-FrRbJEDIBCQAAAUw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-01 11:34:32
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:33:44.903370 2026] [security2:error] [pid 16723:tid 16815] [client 64.137.75.193:44737] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.net|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/footer.php.bak"] [unique_id "aX86GP0s_0SzhyBvLdix4QAAAwo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-16 16:33:33
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 11:33:26.242463 2026] [security2:error] [pid 30741:tid 30741] [client 64.137.75.193:49045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/api/.env"] [unique_id "aWpoVnJ4x9mzF6aeFK3fXgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
raspi4
2026-01-01 12:59:33
(6 months ago)
Fail2Ban Ban Triggered
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-12-01 06:24:11
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:24:07.327121 2025] [security2:error] [pid 5083:tid 5101] [client 64.137.75.193:51071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.net"] [uri "/example.htaccess"] [unique_id "aS00h7lODMhtlQGnj5dBygAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-28 20:28:24
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 16:28:17.943430 2025] [security2:error] [pid 12256:tid 12256] [client 64.137.75.193:39533] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.nbcnewsradio.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/ftp.nbcnewsradio.com/error.log"] [unique_id "aQEnYRGkZRHXpkBmuKuoKQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 15:20:27
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 11:20:20.389923 2025] [security2:error] [pid 17241:tid 17264] [client 64.137.75.193:54025] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kettlehill.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/\\\\windows/win.ini"] [unique_id "aN1GtKh4GLz6vZLSqBzHFgAAAJE"], referer: http://www.kettlehill.com/%5Cwindows/win.ini
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2025-08-18 09:45:10
(10 months ago)
WP probing for vulnerabilities
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2025-08-05 22:57:59
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 18:57:53.398239 2025] [security2:error] [pid 24060:tid 24060] [client 64.137.75.193:47327] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nbcnewsradio.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/.db"] [unique_id "aJKMcRLMua_p4DKfE8GRrQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-08-01 14:10:03
(11 months ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-01 06:39:18
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:39:04.104084 2025] [security2:error] [pid 3331447:tid 3331452] [client 64.137.75.193:37793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/.wp-config.php.swp"] [unique_id "aIxhCFSZjg6lcpTf51ZUUwAAAYE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-01 06:21:14
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.75.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 02:21:09.476468 2025] [security2:error] [pid 2636838:tid 2636910] [client 64.137.75.193:57419] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/translate.sql"] [unique_id "aDvxVTvwu3ccjH5oiKEJiQAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
true.nl
2023-08-24 20:00:00
(2 years ago)
This IP was part of a DDoS http flood on fietsunie.nl [87.233.134.87] from UTC 24-08-2023 18:00 unt ...
show more
This IP was part of a DDoS http flood on fietsunie.nl [87.233.134.87] from UTC 24-08-2023 18:00 until 25-08-2023 1:00
show less
DDoS Attack