๐บ๐ธ
TPI-Abuse
2026-06-29 11:03:22
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:03:19.048653 2026] [security2:error] [pid 21951:tid 21951] [client 149.22.87.17:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kidswithcamerasmovie.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kidswithcamerasmovie.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akJQ95oSDEbOxIkgrfewogAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
maxpower
2026-06-28 12:14:23
(5 days ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 149.22.87.17 (JP/Japan/unn-149-22-87-17. ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 149.22.87.17 (JP/Japan/unn-149-22-87-17.datapacket.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 149.22.87.17 - - [28/Jun/2026:14:14:20 +0200] "GET /vendor/phpunit/phpunit/phpunit.xsd HTTP/1.1" 301 305 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" "149.22.87.17" host=digiampaolo.it
149.22.87.17 - - [28/Jun/2026:14:14:21 +0200] "GET /vendor/phpunit/phpunit/phpunit.xsd HTTP/2.0" 500 711 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" "149.22.87.17" host=digiampaolo.it
show less
Port Scan
๐ฉ๐ช
FeG Deutschland
2026-06-28 04:40:43
(5 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 20:19:28
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:19:24.022562 2026] [security2:error] [pid 6431:tid 6431] [client 149.22.87.17:45527] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||atticlodgeoutdoorlearningcenter.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "atticlodgeoutdoorlearningcenter.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAwTFOkePlUtcd4nme52gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 19:39:46
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:39:42.501816 2026] [security2:error] [pid 9899:tid 9899] [client 149.22.87.17:56061] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kbalan.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kbalan.com"] [uri "/books/wildlife-ridge/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAm_u-mJG3Se61G5-WT2QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 03:13:13
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:13:10.791216 2026] [security2:error] [pid 6055:tid 6055] [client 149.22.87.17:35617] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ineedafriend.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ineedafriend.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8_xvrjnKrfjBQM41GVeQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 02:57:32
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:57:25.930628 2026] [security2:error] [pid 5270:tid 5270] [client 149.22.87.17:48933] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pakistanvision.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pakistanvision.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj88FaB4iJtc_FbiP9MhZQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 02:30:53
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:30:50.389891 2026] [security2:error] [pid 11621:tid 11621] [client 149.22.87.17:26623] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||owlcapone.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "owlcapone.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj812niFruBbS16MIWl_OAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 01:19:18
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:19:12.840953 2026] [security2:error] [pid 31031:tid 31031] [client 149.22.87.17:46589] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||rcjlawfirm.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rcjlawfirm.com"] [uri "/index.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8lEFebIyXKor9qlhrI_AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 00:39:12
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:39:05.260016 2026] [security2:error] [pid 2213:tid 2213] [client 149.22.87.17:62753] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||kountz.org|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kountz.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8bqd_ltCOl4OOsFvTyeQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 00:13:43
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:13:36.320384 2026] [security2:error] [pid 10319:tid 10319] [client 149.22.87.17:40943] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.oualierealty.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.oualierealty.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8VsC6uNHHrFilsF3CO8QAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-26 19:45:57
(6 days ago)
[Firewall Canary] Temporary ban due to firewall rule match [URI:*/vendor/*]
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 22:41:08
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:41:03.255921 2026] [security2:error] [pid 16935:tid 16935] [client 149.22.87.17:22409] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.voodooshop.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.voodooshop.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxc_zE4Ajzjc4_q31kHogAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 22:17:55
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:17:51.734067 2026] [security2:error] [pid 13352:tid 13352] [client 149.22.87.17:60369] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||backstore.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "backstore.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxXj5BWqX-Ft1pI55JuYQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 03:49:34
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.17 (unn-149-22-87-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:49:29.201527 2026] [security2:error] [pid 29799:tid 29799] [client 149.22.87.17:59513] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tangex.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tangex.com"] [uri "/mathteacher/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtTyTWT4rwB7VMCYVKrgAAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack