Anonymous
2026-06-22 12:00:00
(2 weeks ago)
Fake Googlebot: User-Agent claims Googlebot/2.1 but the source IP (AS36352 AS-COLOCROSSING, US) is o ...
show more
Fake Googlebot: User-Agent claims Googlebot/2.1 but the source IP (AS36352 AS-COLOCROSSING, US) is outside Google's official IP ranges and has no crawl-*.googlebot.com reverse DNS. 1 requests observed between 2026-05-23 and 2026-06-22.
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-02-01 11:22:41
(5 months ago)
(mod_security) mod_security (id:212620) triggered by 192.210.132.224 (192-210-132-224-host.colocross ...
show more
(mod_security) mod_security (id:212620) triggered by 192.210.132.224 (192-210-132-224-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:22:34.273081 2026] [security2:error] [pid 16721:tid 16866] [client 192.210.132.224:38275] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||kettlehill.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioplayeroption=1&filelist[0][title]=<script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.com"] [uri "/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php"] [unique_id "aX83erZSDMB2xJcUTnRVGwAAAoM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 17:16:28
(6 months ago)
(mod_security) mod_security (id:220150) triggered by 192.210.132.224 (192-210-132-224-host.colocross ...
show more
(mod_security) mod_security (id:220150) triggered by 192.210.132.224 (192-210-132-224-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:09:03.420967 2025] [security2:error] [pid 12847:tid 12935] [client 192.210.132.224:48599] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||ftp.kettlehill.com|F|2"] [data "-1unionselect1,md5(999999999),3,4,5--"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ftp.kettlehill.com"] [uri "/admin/manage_user.php"] [unique_id "aVK1r6LrABXCW5a44Sq2QQAAAZM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-13 09:58:14
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 192.210.132.224 (192-210-132-224-host.colocross ...
show more
(mod_security) mod_security (id:210730) triggered by 192.210.132.224 (192-210-132-224-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:58:06.411714 2025] [security2:error] [pid 32120:tid 32120] [client 192.210.132.224:55907] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.nbcnewsradio.com|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/moveitisapi/moveitisapi.dll"] [unique_id "aRWrrj_knrvhbrQmH9pmMwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
RoboSOC
2025-10-16 08:42:37
(8 months ago)
HTTP Directory Traversal Vulnerability , PTR: 192-210-132-224-host.colocrossing.com.
Hacking
๐บ๐ธ
TPI-Abuse
2025-07-27 01:11:01
(11 months ago)
(mod_security) mod_security (id:211190) triggered by 192.210.132.224 (192-210-132-224-host.colocross ...
show more
(mod_security) mod_security (id:211190) triggered by 192.210.132.224 (192-210-132-224-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:10:56.866745 2025] [security2:error] [pid 404369:tid 404482] [client 192.210.132.224:47825] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||kettlehill.net|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /badging/badge_print_v0.php?tpl=../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/badging/badge_print_v0.php"] [unique_id "aIV8oI1ApCwrT9-Kn8W6ewAAAI0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-30 00:10:58
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 192.210.132.224 (192-210-132-224-host.colocross ...
show more
(mod_security) mod_security (id:210492) triggered by 192.210.132.224 (192-210-132-224-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 20:10:50.114086 2025] [security2:error] [pid 3802132:tid 3802132] [client 192.210.132.224:52055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.prod"] [unique_id "aDj3iqQGJLCetRnKpSJdNAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-19 05:37:33
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 192.210.132.224 (192-210-132-224-host.colocross ...
show more
(mod_security) mod_security (id:210492) triggered by 192.210.132.224 (192-210-132-224-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:37:18.653431 2025] [security2:error] [pid 22650:tid 22655] [client 192.210.132.224:52131] [client 192.210.132.224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/.env_sample"] [unique_id "aAM2jsLYwl69KqC_78ihUwAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-15 07:10:51
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐ซ๐ท
Sklurk
2024-07-13 01:35:14
(1 year ago)
Web App Attack
Web App Attack
๐ฆ๐บ
oncord
2024-07-12 15:10:30
(2 years ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2024-07-09 13:39:04
(2 years ago)
Form spam
Web Spam
๐บ๐ธ
ChamberofCommerce.com
2023-11-06 02:19:28
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-11-02 03:34:26
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-10-30 10:52:27
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227
show less
Bad Web Bot