πΊπΈ
SiliSoftware
2026-06-28 22:14:26
(5 days ago)
/vendor/phpunit/phpunit/phpunit.xsd
Web App Attack
π©πͺ
FeG Deutschland
2026-06-28 04:56:43
(6 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 19:39:21
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:39:16.703575 2026] [security2:error] [pid 10822:tid 10822] [client 149.22.87.47:38031] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||rohn.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rohn.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAm5CVAQ-WgW7pTewbRYgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 19:12:19
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:12:13.742325 2026] [security2:error] [pid 13700:tid 13700] [client 149.22.87.47:27057] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.grhall.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.grhall.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAgjfA8fwZTyYAhEr0Q4QAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 03:18:14
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:18:10.390229 2026] [security2:error] [pid 10899:tid 10899] [client 149.22.87.47:52959] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nashes.net|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nashes.net"] [uri "/karate/index.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj9A8u2YJ-82ax0peFbRzwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 01:46:05
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:46:02.188480 2026] [security2:error] [pid 6432:tid 6432] [client 149.22.87.47:55329] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.intermixx.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.intermixx.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8rWi435MZC_kJtF_u85AAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 00:59:46
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:59:42.290474 2026] [security2:error] [pid 31392:tid 31392] [client 149.22.87.47:28767] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.mrzradio.org|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mrzradio.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8gfggrr6E_TN3ZdmZFBgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 22:15:52
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:15:47.092086 2026] [security2:error] [pid 6922:tid 6922] [client 149.22.87.47:23229] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||brazilianbikinis.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brazilianbikinis.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxXEwS-tnAwHsz-360QvAAAAD0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
YF
2026-06-24 08:05:22
(1 week ago)
Attaque distribuΓ©e subnet
DDoS Attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 05:23:48
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:23:41.869450 2026] [security2:error] [pid 29937:tid 29937] [client 149.22.87.47:43541] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cuul.co|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cuul.co"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtp3Y1vrYfJ1Fk7dnO1kgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-24 04:16:01
(1 week ago)
[Firewall Canary] Temporary ban due to firewall rule match [URI:*/vendor/*]
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 04:10:06
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:10:00.319948 2026] [security2:error] [pid 15025:tid 15025] [client 149.22.87.47:22349] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.birdlovesfish.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.birdlovesfish.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtYmO_hNwRFLAHIPXI81AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 03:23:51
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:23:45.782099 2026] [security2:error] [pid 1820:tid 1820] [client 149.22.87.47:36091] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.orientaltb.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.orientaltb.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtNwYGhYyj959d2UEt1GQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 02:45:43
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 22:45:37.117273 2026] [security2:error] [pid 20341:tid 20341] [client 149.22.87.47:44581] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||caonabo.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "caonabo.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtE0UPyWvdrU6Elg-RUuQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 01:12:48
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.22.87.47 (unn-149-22-87-47.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:12:42.351744 2026] [security2:error] [pid 27864:tid 27864] [client 149.22.87.47:55039] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tomdaughertyorchestra.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tomdaughertyorchestra.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajsvCs15KQ_g5S76PPAvnAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack