๐บ๐ธ
TPI-Abuse
2026-07-16 00:03:18
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:03:13.263116 2026] [security2:error] [pid 8046:tid 8046] [client 135.220.74.149:63021] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||aifactoid.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aifactoid.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "algfwbPghpKizGnyBB6x8gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 23:34:21
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 19:34:16.317310 2026] [security2:error] [pid 23210:tid 23210] [client 135.220.74.149:56847] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||radtraininginc.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "radtraininginc.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "algY-KxrkRGmHRb0eCPWvAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Savoie
2026-07-15 23:30:00
(2 days ago)
135.220.74.149 ***.*** - [16/Jul/2026:01:30:21 +0200] "GET //vendor/phpunit/phpunit/phpunit.xsd HTTP ...
show more
135.220.74.149 ***.*** - [16/Jul/2026:01:30:21 +0200] "GET //vendor/phpunit/phpunit/phpunit.xsd HTTP/1.1" 302 250 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 20:34:41
(2 days ago)
(mod_security) mod_security (id:949110) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 16:34:37.117760 2026] [security2:error] [pid 9416:tid 9416] [client 135.220.74.149:63374] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "trentong.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "alfu3UJGscaeC7h5jjTDNwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-15 19:05:26
(2 days ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 17:01:43
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 13:01:35.599024 2026] [security2:error] [pid 10202:tid 10202] [client 135.220.74.149:62475] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||raeesa.org|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "raeesa.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ale87zir30m6GLiLZF4EvAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 15:28:30
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 11:28:23.668862 2026] [security2:error] [pid 10496:tid 10496] [client 135.220.74.149:62163] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lolycarrillo.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lolycarrillo.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "alenF3a80urU-01XSX08WwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-15 14:48:57
(2 days ago)
cloudlinux2 fail2ban: 2026-07-15 16:43:48,437 fail2ban.filter [1812]: INFO [plesk-modsecu ...
show more
cloudlinux2 fail2ban: 2026-07-15 16:43:48,437 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 103.189.71.130 - 2026-07-15 16:43:48cloudlinux2 fail2ban: 2026-07-15 16:45:02,576 fail2ban.actions [1812]: NOTICE [plesk-modsecurity] Ban 103.189.71.130cloudlinux2 fail2ban: 2026-07-15 16:45:02,578 fail2ban.filter [1812]: INFO [recidive] Found 103.189.71.130 - 2026-07-15 16:45:02cloudlinux2 fail2ban: 2026-07-15 16:45:02,526 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 103.189.71.130 - 2026-07-15 16:45:02cloudlinux2 fail2ban: 2026-07-15 16:45:39,296 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 193.56.116.11 - 2026-07-15 16:45:38cloudlinux2 fail2ban: 2026-07-15 16:45:38,167 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 172.98.32.16 - 2026-07-15 16:45:37cloudlinux2 fail2ban: 2026-07-15 16:45:38,322 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.132.227.4 - 2026-07-15 16:45:37cloudlinux2 fail2ban: 2026-07-15
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 08:25:51
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 04:25:47.403169 2026] [security2:error] [pid 25331:tid 25331] [client 135.220.74.149:57495] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||wavecomputers.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wavecomputers.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aldEC6APWMK4gmR3ZTKr7AAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 08:05:14
(2 days ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=12
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-15 07:56:47
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 03:56:40.289098 2026] [security2:error] [pid 7192:tid 7192] [client 135.220.74.149:62862] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dodojuice.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dodojuice.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "alc9OIGWASEcNEEFD1kMnAAAADo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-15 06:19:53
(2 days ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
Penny Packer
2026-07-15 05:44:41
(2 days ago)
Fail2Ban apache-tripwires
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 05:43:10
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 01:43:03.026034 2026] [security2:error] [pid 10216:tid 10216] [client 135.220.74.149:49714] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||clisanchezenterprises.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "clisanchezenterprises.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "alcd57GcqeEilTGsJcDnIAAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 04:00:24
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 135.220.74.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 00:00:19.515856 2026] [security2:error] [pid 15494:tid 15494] [client 135.220.74.149:58230] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sinsky.net|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sinsky.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "alcF05jENz1W4J33HQeqRQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack