๐ซ๐ท
bigorre.org
2026-06-16 15:23:48
(2 weeks ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
๐ฉ๐ช
EGP Abuse Dept
2026-05-16 11:03:39
(1 month ago)
Scanning for web/db/file exploits on tpc-031.mach3builders.nl
SQL Injection
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 21:57:35
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 107.173.137.176 (107-173-137-176-host.colocross ...
show more
(mod_security) mod_security (id:210492) triggered by 107.173.137.176 (107-173-137-176-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:57:31.327611 2025] [security2:error] [pid 29737:tid 29737] [client 107.173.137.176:33437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.farmers123.com"] [uri "/a.htaccess"] [unique_id "aS9gy0rMWG6vRaCHZ7P-8wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-01 23:50:02
(7 months ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 14:43:23
(9 months ago)
(mod_security) mod_security (id:211190) triggered by 107.173.137.176 (107-173-137-176-host.colocross ...
show more
(mod_security) mod_security (id:211190) triggered by 107.173.137.176 (107-173-137-176-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:43:16.781894 2025] [security2:error] [pid 12475:tid 12485] [client 107.173.137.176:37287] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||kettlehill.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?filename=../../../../../../etc/passwd&mphb_action=download"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/"] [unique_id "aN0-BGCKjmgjI9kURFKAYAAAAUY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-22 21:50:16
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 107.173.137.176 (107-173-137-176-host.colocross ...
show more
(mod_security) mod_security (id:210492) triggered by 107.173.137.176 (107-173-137-176-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 17:50:08.347075 2025] [security2:error] [pid 1650:tid 1650] [client 107.173.137.176:47103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.deandobkin.com"] [uri "/.env.deandobkin"] [unique_id "aNHEkI07JCThb-7BLRWnawAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-08-11 17:00:11
(10 months ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2025-08-06 05:12:30
(11 months ago)
WP probing for vulnerabilities
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2025-08-05 20:12:51
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 107.173.137.176 (107-173-137-176-host.colocross ...
show more
(mod_security) mod_security (id:210730) triggered by 107.173.137.176 (107-173-137-176-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 16:12:45.071496 2025] [security2:error] [pid 28310:tid 28310] [client 107.173.137.176:57417] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nbcnewsradio.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/admin/errors.log"] [unique_id "aJJlvehiCkC4w8jQjiZJIAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-19 13:40:06
(1 year ago)
Web App Attack
Web App Attack