๐ซ๐ท
bigorre.org
2026-07-03 15:24:43
(1 hour ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-29 11:44:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 07:43:57.497168 2026] [security2:error] [pid 17292:tid 17310] [client 104.252.49.45:33667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neotienda.com"] [uri "/wp-config.php.swp"] [unique_id "ahl7_Wh57-Mngulgnb1skgAAANA"], referer: https://www.google.com/search?q=neotienda.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-28 22:05:08
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-28 02:01:21
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 22:01:15.795577 2026] [security2:error] [pid 18558:tid 18558] [client 104.252.49.45:39777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title34.com"] [uri "/.env.dev"] [unique_id "aheh6xg8k4sOzW5L3ArP3gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 22:44:08
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 18:43:32.237511 2026] [security2:error] [pid 10339:tid 10339] [client 104.252.49.45:44443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thewillsmith.anthonyjoseph.us"] [uri "/wp-config.php~"] [unique_id "ahdzlEjaADxPmJptFRIZRgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-27 22:00:23
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-27
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-27 17:44:04
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 13:43:58.823091 2026] [security2:error] [pid 4416:tid 4416] [client 104.252.49.45:44831] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bryteandbroderick.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bryteandbroderick.org"] [uri "/db_backup.sql"] [unique_id "ahctXsIS1uFgjDtdRQ32PwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 00:24:02
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:23:50.616921 2026] [security2:error] [pid 8417:tid 8417] [client 104.252.49.45:46711] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.goldenstatedvd.deluxeexpress.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.goldenstatedvd.deluxeexpress.com"] [uri "/db_backup.sql"] [unique_id "ahY5lpTlIRXzDMz4FIl6sAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 21:57:21
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 16:57:18.435163 2026] [security2:error] [pid 14582:tid 14582] [client 104.252.49.45:47573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.cpcalendars"] [unique_id "aWwFvjmvIYFCMrF76YwttAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-13 12:06:59
(7 months ago)
(mod_security) mod_security (id:211190) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 07:06:54.155557 2025] [security2:error] [pid 29586:tid 29586] [client 104.252.49.45:35785] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||ftp.nbcnewsradio.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /blast/nph-viewgif.cgi?../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/blast/nph-viewgif.cgi"] [unique_id "aRXJ3m_xp0-jT7XnVLTjowAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-27 01:19:08
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:19:01.487016 2025] [security2:error] [pid 404369:tid 404477] [client 104.252.49.45:47833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/wp-config.php.txt"] [unique_id "aIV-hY1ApCwrT9-Kn8XMYgAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-04 09:07:05
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.252.49.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 04 05:06:59.717431 2025] [security2:error] [pid 3788423:tid 3788423] [client 104.252.49.45:40063] [client 104.252.49.45] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/.env.backup"] [unique_id "aBcuM09b0adwkvFoGy3DTAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-02-01 18:50:05
(1 year ago)
| Shellshock attack attempt
Hacking
SQL Injection
Web App Attack