πΊπΈ
TPI-Abuse
2026-06-01 01:56:30
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:54:05.723883 2026] [security2:error] [pid 6154:tid 6334] [client 82.22.234.30:39971] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kettlehill.kettlehill.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/default.php.bak"] [unique_id "ahzmPYIOo6_fQuyz0hl0tAAAAUs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-01 11:23:19
(5 months ago)
(mod_security) mod_security (id:217200) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:217200) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:22:49.563490 2026] [security2:error] [pid 16722:tid 16895] [client 82.22.234.30:41935] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header||kettlehill.net:80|F|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "kettlehill.net"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aX83icyMbG6v0xSDvGJTQwAAAsk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-02 22:48:27
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:48:21.512875 2025] [security2:error] [pid 549:tid 549] [client 82.22.234.30:50877] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.farmers123.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.farmers123.com"] [uri "/config.php.bak"] [unique_id "aS9stXwwcQvjHcholQRhngAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-12 06:30:45
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 01:30:41.536490 2025] [security2:error] [pid 24109:tid 24109] [client 82.22.234.30:40443] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.nbcnewsradio.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "aRQpkUfAQ16Qk2x7NvG7QgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-10-01 16:20:57
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 12:20:48.754026 2025] [security2:error] [pid 30110:tid 30167] [client 82.22.234.30:32953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.com"] [uri "/a.htaccess"] [unique_id "aN1U4MkWrLLgoGKIU582RwAAAdY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-09-22 20:49:18
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 16:49:13.907356 2025] [security2:error] [pid 25705:tid 25705] [client 82.22.234.30:38499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.deandobkin.com"] [uri "/.env.prod"] [unique_id "aNG2SQLJJTIEQosMVGMEPQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΈπ¬
raramos
2025-08-07 19:00:07
(11 months ago)
[SMB remote code execution attempt: port tcp/445]
in blocklist.de:'listed [pop3]'
in SpamCop:'listed ...
show more
[SMB remote code execution attempt: port tcp/445]
in blocklist.de:'listed [pop3]'
in SpamCop:'listed'
in sorbs:'listed [web], [spam]'
in Unsubscore:'listed'
*(RWIN=8192)(04:10)
show less
Web Spam
Email Spam
Port Scan
Hacking
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2025-08-01 10:24:54
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 06:24:51.201514 2025] [security2:error] [pid 3904812:tid 3904980] [client 82.22.234.30:58367] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.kettlehill.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/admin/logs/errors.log"] [unique_id "aIyV8-ifMJM5rDs5catYQQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-06 12:10:14
(1 year ago)
| XSS (Cross Site Scripting) attempt.
Hacking
SQL Injection
Web App Attack
πΊπΈ
TPI-Abuse
2025-06-01 06:29:40
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 02:29:33.758241 2025] [security2:error] [pid 2256137:tid 2256253] [client 82.22.234.30:44509] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.staging.kettlehill.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.staging.kettlehill.com"] [uri "/temp.sql"] [unique_id "aDvzTWQ8Dui5hvebpq-ITQAAANY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-05-30 23:32:43
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 19:32:37.939065 2025] [security2:error] [pid 810708:tid 810708] [client 82.22.234.30:51713] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.nbcnewsradio.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.nbcnewsradio.com"] [uri "/error.log"] [unique_id "aDpAFYkYZxX8nd5bYeslZgAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-05-28 19:40:53
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.22.234.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 15:40:48.250030 2025] [security2:error] [pid 1800554:tid 1800554] [client 82.22.234.30:46119] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.farmers123.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.farmers123.com"] [uri "/mail.db"] [unique_id "aDdmwHB2MpGLLWoT0cd3mAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack