๐บ๐ธ
TPI-Abuse
2026-03-01 20:23:50
(4 months ago)
(mod_security) mod_security (id:211540) triggered by 192.210.132.15 (192-210-132-15-host.colocrossin ...
show more
(mod_security) mod_security (id:211540) triggered by 192.210.132.15 (192-210-132-15-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:23:43.342866 2026] [security2:error] [pid 32106:tid 32132] [client 192.210.132.15:39971] ModSecurity: Access denied with code 403 (phase 2). Match of "contains /wp-json/yoast/" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "17"] [id "211540"] [rev "14"] [msg "COMODO WAF: Blind SQL Injection Attack||ftp.kettlehill.com|F|2"] [data "Matched Data: table_name found within REQUEST_URI: /%2e%2fmigrate%2ftemplates%2fdebug%2fdb-table&table_name=wp_users--%20-"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "ftp.kettlehill.com"] [uri "/"] [unique_id "aaSgT8yHAVRioPijSO-A0gAAANU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-27 02:54:32
(5 months ago)
(mod_security) mod_security (id:211190) triggered by 192.210.132.15 (192-210-132-15-host.colocrossin ...
show more
(mod_security) mod_security (id:211190) triggered by 192.210.132.15 (192-210-132-15-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:54:24.127884 2026] [security2:error] [pid 16656:tid 16665] [client 192.210.132.15:54081] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.kettlehill.kettlehill.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /go/add-on/business-continuity/api/plugin?folderName&pluginName=../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.kettlehill.com"] [uri "/go/add-on/business-continuity/api/plugin"] [unique_id "aXgo3z4D1upuVdMC6K4IygAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
RoboSOC
2025-10-16 08:45:37
(8 months ago)
Confluence Server OGNL Injection Remote Code Execution Vulnerability, PTR: 192-210-132-15-host.coloc ...
show more
Confluence Server OGNL Injection Remote Code Execution Vulnerability, PTR: 192-210-132-15-host.colocrossing.com.
show less
Hacking
๐บ๐ธ
TPI-Abuse
2025-07-26 23:35:01
(11 months ago)
(mod_security) mod_security (id:221260) triggered by 192.210.132.15 (192-210-132-15-host.colocrossin ...
show more
(mod_security) mod_security (id:221260) triggered by 192.210.132.15 (192-210-132-15-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:33:28.898649 2025] [security2:error] [pid 26440:tid 26616] [client 192.210.132.15:55779] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||mail.kettlehill.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/cgi-bin/status/login.php"] [unique_id "aIVlyMi-n1PXCScDgLv7sgAAAUM"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-29 23:51:59
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 192.210.132.15 (192-210-132-15-host.colocrossin ...
show more
(mod_security) mod_security (id:210492) triggered by 192.210.132.15 (192-210-132-15-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:51:53.680557 2025] [security2:error] [pid 3791994:tid 3791994] [client 192.210.132.15:57737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.farmers123.com"] [uri "/lib../.git/config"] [unique_id "aDjzGUvYNNt02t0XR7kYjwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-15 12:41:46
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐ฌ๐ง
Steve
2024-10-30 03:20:52
(1 year ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-11-06 06:19:49
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-11-02 04:07:55
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
๐บ๐ธ
ChamberofCommerce.com
2023-10-30 21:37:34
(2 years ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot