Anonymous
2026-06-26 02:50:07
(4 days ago)
| Suspicious URL access.
Web App Attack
Hacking
SQL Injection
๐ฉ๐ช
EGP Abuse Dept
2026-04-11 03:12:13
(2 months ago)
Scanning for web/db/file exploits on www.ogen.com
SQL Injection
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-01 20:14:52
(3 months ago)
(mod_security) mod_security (id:211190) triggered by 172.245.157.234 (172-245-157-234-host.colocross ...
show more
(mod_security) mod_security (id:211190) triggered by 172.245.157.234 (172-245-157-234-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:13:02.816098 2026] [security2:error] [pid 3623:tid 3719] [client 172.245.157.234:54137] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||kettlehill.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/wp-content/plugins/wp-custom-pages/wp-download.php"] [unique_id "aaSdzl4WolzQRuAXATJzWwAAAUE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-01 06:25:43
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 172.245.157.234 (172-245-157-234-host.colocross ...
show more
(mod_security) mod_security (id:210730) triggered by 172.245.157.234 (172-245-157-234-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:25:34.348662 2025] [security2:error] [pid 27471:tid 27491] [client 172.245.157.234:46541] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kettlehill.net|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.net"] [uri "/wp-login.php.bak"] [unique_id "aS003nLXOKC0tXS7y0kqZgAAAIM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 16:47:36
(8 months ago)
(mod_security) mod_security (id:210492) triggered by 172.245.157.234 (172-245-157-234-host.colocross ...
show more
(mod_security) mod_security (id:210492) triggered by 172.245.157.234 (172-245-157-234-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 12:47:30.813459 2025] [security2:error] [pid 30109:tid 30133] [client 172.245.157.234:36587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/.env.stage"] [unique_id "aN1bIpmcYLK3QOnvb--GSwAAAZE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-05 19:00:58
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 172.245.157.234 (172-245-157-234-host.colocross ...
show more
(mod_security) mod_security (id:210492) triggered by 172.245.157.234 (172-245-157-234-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 15:00:52.915114 2025] [security2:error] [pid 20851:tid 20851] [client 172.245.157.234:46117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nbcnewsradio.com"] [uri "/.git/config"] [unique_id "aJJU5HFe2hLw7Q-Ou7kZ-AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-01 07:48:17
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 172.245.157.234 (172-245-157-234-host.colocross ...
show more
(mod_security) mod_security (id:210730) triggered by 172.245.157.234 (172-245-157-234-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 03:48:11.391472 2025] [security2:error] [pid 3712160:tid 3712186] [client 172.245.157.234:43225] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.staging.kettlehill.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/logs/errors.log"] [unique_id "aIxxO9c_-1Eg368SpPiCQQAAAIk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ChamberofCommerce.com
2023-11-06 00:07:01
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-10-30 10:26:52
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot