๐ซ๐ท
bigorre.org
2026-07-03 15:01:41
(4 hours ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
๐ฉ๐ช
SCHAPPY
2026-05-03 07:29:25
(2 months ago)
Bad bot identified by user agent
Bad Web Bot
๐ซ๐ท
bigorre.org
2026-04-22 16:24:55
(2 months ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐ซ๐ท
bigorre.org
2026-04-14 16:26:09
(2 months ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-02-01 11:19:58
(5 months ago)
(mod_security) mod_security (id:212750) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212750) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:19:47.177260 2026] [security2:error] [pid 16722:tid 16896] [client 45.249.59.71:41175] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort|blur|change|click|dblclick|dragdrop|error|focus|keydown|keypress|keyup|load|mouse(?:down|move|out|over|up)|move|readystatechange|reset|resize|select|submit|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected||mail.kettlehill.com|F|2"] [data "Matched Data: onerror= found within REQUEST_URI: /resumes/?s=\\x22><img src=x onerror=alert(document.domain)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "mail.kettlehill.com"] [uri "/resumes/"] [unique_id "aX8208yMbG6v0xSDvGJPUgAAAso"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-16 19:07:47
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 14:07:39.202465 2026] [security2:error] [pid 12121:tid 12121] [client 45.249.59.71:39587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nbcnewsradio.com"] [uri "/.env.prod.local"] [unique_id "aWqMe3kVWIGcCRT7MfeaBAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-31 09:10:07
(6 months ago)
[Wed Dec 31 10:10:07.114645 2025] [:error] [pid 3947400:tid 3947400] [client 45.249.59.71:50405] Mod ...
show more
[Wed Dec 31 10:10:07.114645 2025] [:error] [pid 3947400:tid 3947400] [client 45.249.59.71:50405] ModSecurity: Warning. Matched "Operator `Within' with parameter `.ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll (418 characters omitted)' against variable `TX:EXTENSION' (Value: `.log/' ) [file "/usr/local/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1039"] [id "920440"] [rev ""] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "2"] [ver "OWASP_CRS/4.22.0-dev"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [uri "/php_errors.log"] [unique_id "176717220793.434647"] [ref "o10,4o11,3v5,
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-01 07:09:08
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 03:09:05.049522 2025] [security2:error] [pid 32047:tid 32115] [client 45.249.59.71:34363] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.kettlehill.net|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/header.php.bak"] [unique_id "aGOJkQF1tdoO2im1K3V31AAAAIY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-03 04:10:04
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-01 03:25:56
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 45.249.59.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 23:25:52.862198 2025] [security2:error] [pid 10930:tid 11164] [client 45.249.59.71:34149] [client 45.249.59.71] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/wp-config.php.inc"] [unique_id "aBLpwH9d7Z86Td3fBue1bAAAAQ0"]
show less
Brute-Force
Bad Web Bot
Web App Attack