πΊπΈ
Blue Pumpkin
2026-07-07 17:27:34
(3 days ago)
92.112.228.86 - - [07/Jul/2026:17:27:29 +0000] "GET /forum/main/29-music-movies-a-youtube-etc/255334 ...
show more
92.112.228.86 - - [07/Jul/2026:17:27:29 +0000] "GET /forum/main/29-music-movies-a-youtube-etc/255334-what-are-you-watching-now HTTP/1.1" 200 18432 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
...
show less
Brute-Force
π«π·
bigorre.org
2026-07-01 15:00:26
(1 week ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-01-27 02:35:28
(5 months ago)
(mod_security) mod_security (id:221260) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:221260) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:34:39.288135 2026] [security2:error] [pid 16656:tid 16677] [client 92.112.228.86:46901] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||webdisk.kettlehill.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/403.shtml"] [unique_id "aXgkPz4D1upuVdMC6K7vWwAAAFI"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-17 18:15:07
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 13:15:02.430716 2026] [security2:error] [pid 12002:tid 12002] [client 92.112.228.86:53241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/sftp-config.json"] [unique_id "aWvRphIyjaN2zGBJtIEtqQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-13 10:37:26
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 05:36:59.289225 2025] [security2:error] [pid 12434:tid 12434] [client 92.112.228.86:36509] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.nbcnewsradio.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/self.key"] [unique_id "aRW0y_dBgG3A7_Hna2fJXQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
SCHAPPY
2025-07-30 09:30:11
(11 months ago)
IP was involved in L7 DDoS attack.
DDoS Attack
πΊπΈ
TPI-Abuse
2025-07-26 23:42:19
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:41:21.797542 2025] [security2:error] [pid 26440:tid 26627] [client 92.112.228.86:57249] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.kettlehill.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/\\\\example.com"] [unique_id "aIVnoci-n1PXCScDgLsEwgAAAU0"], referer: http://ftp.kettlehill.com/%5cexample.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-24 00:42:24
(1 year ago)
Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2025-05-29 17:05:23
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:05:17.728946 2025] [security2:error] [pid 3038291:tid 3038291] [client 92.112.228.86:58675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/.env.old"] [unique_id "aDiTzVDYxApaKaLRW3jh7AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-05-04 09:08:29
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 92.112.228.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 04 05:08:24.247847 2025] [security2:error] [pid 3782576:tid 3782576] [client 92.112.228.86:50251] [client 92.112.228.86] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/.env_sample"] [unique_id "aBcuiNeBoGowoVRvIO1OxAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
OolutionTech
2025-02-20 23:54:00
(1 year ago)
Port scanning and accessing hidden company services, part of other IPs that attacked at same time
Port Scan
Hacking
Brute-Force
Anonymous
2025-01-17 12:30:49
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack