๐บ๐ธ
Penny Packer
2026-06-29 05:22:15
(5 hours ago)
Fail2Ban apache-tripwires
Web App Attack
๐บ๐ธ
SiliSoftware
2026-06-28 22:14:46
(12 hours ago)
/vendor/phpunit/phpunit/phpunit.xsd
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 21:12:12
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:12:05.613741 2026] [security2:error] [pid 27942:tid 27942] [client 149.22.87.35:24529] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.thebeeplace.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.thebeeplace.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akA8pQIIKh9-G2cLDPafVwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 19:50:18
(1 day ago)
(mod_security) mod_security (id:949110) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:949110) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:50:09.347198 2026] [security2:error] [pid 1117:tid 1117] [client 149.22.87.35:50723] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.freedrm.org"] [uri "/ohp/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akApcQomyCPN7EmKY4lfVQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-27 19:12:59
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 149.22.87.35 (JP/Japan/unn-149-22-87-35 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 149.22.87.35 (JP/Japan/unn-149-22-87-35.datapacket.com): (CF_ENABLE)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-27 03:32:12
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:32:07.456560 2026] [security2:error] [pid 16024:tid 16024] [client 149.22.87.35:56391] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pointandshootfilm.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pointandshootfilm.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj9EN5yXtM7wyytSRYxoBQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 01:52:26
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:52:23.039663 2026] [security2:error] [pid 15949:tid 15949] [client 149.22.87.35:37015] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.mitchellamazing.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mitchellamazing.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8s1zoKZ90CKqozsAviNgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 00:41:16
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:41:13.589939 2026] [security2:error] [pid 1562:tid 1562] [client 149.22.87.35:52687] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thecatandtheowl.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thecatandtheowl.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8cKQt4MyZa343V4_bgTAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 00:00:21
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:00:15.376266 2026] [security2:error] [pid 13784:tid 13784] [client 149.22.87.35:47681] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.accordionfactory.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionfactory.com"] [uri "/Concerto/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8Sjz8FNsykQ6lG6yS_igAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 23:34:13
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:34:08.365662 2026] [security2:error] [pid 1052:tid 1052] [client 149.22.87.35:20861] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.news.aguasolar.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.news.aguasolar.com"] [uri "/blog/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8McPeoHP0Ttk2fCmgQgQAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 22:43:29
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:43:25.496086 2026] [security2:error] [pid 8284:tid 8284] [client 149.22.87.35:28173] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kwcccarshow.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kwcccarshow.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxdjf-yw8Y3kYJ-1ybyGgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 22:27:39
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:27:34.045180 2026] [security2:error] [pid 26677:tid 26677] [client 149.22.87.35:37893] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.cubbylure.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cubbylure.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxZ1sVo7gNg25sxpCWRywAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 21:39:36
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 17:39:32.814007 2026] [security2:error] [pid 5667:tid 5667] [client 149.22.87.35:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||hondabvi.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hondabvi.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxOlH9m_CAvwRx91DkSzAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 04:50:20
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:50:02.116550 2026] [security2:error] [pid 8948:tid 8948] [client 149.22.87.35:28147] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.waterspell.net|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.waterspell.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajth-iCV6YnqNb7JiDyWQgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 04:32:57
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.35 (unn-149-22-87-35.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:32:51.517990 2026] [security2:error] [pid 15310:tid 15386] [client 149.22.87.35:51133] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||resort4pets.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "resort4pets.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtd8yHJBCtkATXBGY6LsAAAAdM"]
show less
Brute-Force
Bad Web Bot
Web App Attack