๐บ๐ธ
TPI-Abuse
2026-06-01 01:54:23
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:54:00.282353 2026] [security2:error] [pid 6157:tid 6305] [client 206.204.19.141:36465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/.git/config"] [unique_id "ahzmOEvrUrV4Mon8bBqlRgAAAcg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
Tokolosh Hunters
2026-05-24 13:47:01
(1 month ago)
AutoBlockWindow-Known bad useragent query-2026-05-24 13:47:00
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-02-01 11:28:15
(5 months ago)
(mod_security) mod_security (id:212620) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:28:07.627854 2026] [security2:error] [pid 16720:tid 16856] [client 206.204.19.141:34435] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||ftp.kettlehill.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /ajax/apps/manifests?action=all&format=debug&xss=<script>alert(document.domain);</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.kettlehill.com"] [uri "/ajax/apps/manifests"] [unique_id "aX84x3gN2ebRaezbXtJD5gAAAVc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-01 07:03:27
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 02:03:20.572494 2025] [security2:error] [pid 27471:tid 27495] [client 206.204.19.141:41995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aS09uHLXOKC0tXS7y0k6pQAAAIc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-17 12:16:19
(8 months ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 18:00:47
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 14:00:40.302310 2025] [security2:error] [pid 28909:tid 28931] [client 206.204.19.141:39027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/wp-config.php.bak"] [unique_id "aN1sSMqzZow6xCeNbL4CRQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
raramos
2025-08-07 19:00:07
(11 months ago)
[SMB remote code execution attempt: port tcp/445]
in blocklist.de:'listed [pop3]'
in SpamCop:'listed ...
show more
[SMB remote code execution attempt: port tcp/445]
in blocklist.de:'listed [pop3]'
in SpamCop:'listed'
in sorbs:'listed [web], [spam]'
in Unsubscore:'listed'
*(RWIN=8192)(04:10)
show less
Web Spam
Email Spam
Port Scan
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-01 06:59:42
(11 months ago)
(mod_security) mod_security (id:212620) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:59:28.776774 2025] [security2:error] [pid 3331447:tid 3331470] [client 206.204.19.141:42453] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||ftp.kettlehill.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1\\x22</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.kettlehill.com"] [uri "/wp-content/plugins/gwyns-imagemap-selector/popup.php"] [unique_id "aIxl0FSZjg6lcpTf51ZusgAAAZM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-01 06:58:43
(1 year ago)
(mod_security) mod_security (id:212620) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 206.204.19.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 02:58:11.423455 2025] [security2:error] [pid 2636838:tid 2636917] [client 206.204.19.141:38119] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||staging.kettlehill.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "staging.kettlehill.com"] [uri "/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php"] [unique_id "aDv6Azvwu3ccjH5oiKEYpwAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-04-16 22:59:12
(1 year ago)
2025-04-16 06:47:59 /
Web App Attack