๐บ๐ธ
TPI-Abuse
2026-07-03 22:18:44
(20 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:18:37.365174 2026] [security2:error] [pid 21205:tid 21205] [client 155.2.216.11:57121] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||srtmanagementservices.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "srtmanagementservices.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akg1Pd_lDpVtUUPw0P_uHAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:37:10
(21 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:37:06.839066 2026] [security2:error] [pid 1336:tid 1339] [client 155.2.216.11:31127] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jevan1.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jevan1.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgrgid_xkSwH62pSOpyZAAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:18:50
(21 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:18:47.707229 2026] [security2:error] [pid 19082:tid 19082] [client 155.2.216.11:56689] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||yarbroughfamily.org|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "yarbroughfamily.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgnN1wnv3BZLkTGUykBRwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:03:25
(21 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:03:18.245233 2026] [security2:error] [pid 9175:tid 9175] [client 155.2.216.11:38223] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||garthp.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "garthp.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgjlqGkLkGh_k9KH0GtOgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:45:44
(22 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:45:40.272652 2026] [security2:error] [pid 15071:tid 15071] [client 155.2.216.11:42623] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||keidar.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "keidar.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgfdB_aTypX02CJ2rOJhgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:24:11
(22 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:24:06.003790 2026] [security2:error] [pid 32039:tid 32039] [client 155.2.216.11:32047] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kinnaird.enterprises|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kinnaird.enterprises"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgaZlOfxKyTZqc-m2eXxwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:00:45
(22 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:00:38.704727 2026] [security2:error] [pid 26864:tid 26864] [client 155.2.216.11:64521] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||huboon.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "huboon.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgU5jY-l8y6p1Na9yRHkgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:45:07
(23 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:45:01.382855 2026] [security2:error] [pid 29754:tid 29754] [client 155.2.216.11:40191] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||glencottagemusic.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "glencottagemusic.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgRPbpHGaKTuwlrZMflmgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:23:26
(23 hours ago)
(mod_security) mod_security (id:949110) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:949110) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:23:18.734781 2026] [security2:error] [pid 8839:tid 8839] [client 155.2.216.11:56373] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "21oaksfarm.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgMJp-JYpEn1BYzIWmdIwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:00:25
(23 hours ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:00:20.647444 2026] [security2:error] [pid 7178:tid 7204] [client 155.2.216.11:45921] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||broadmoordermatology.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "broadmoordermatology.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgGxF7M8C-WDr4TDeNlJAAAAJg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:44:51
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:44:44.173045 2026] [security2:error] [pid 29597:tid 29597] [client 155.2.216.11:38827] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||go-rfi.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "go-rfi.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgDHGJvb25DGz7uZB7QZQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:24:23
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:24:18.389342 2026] [security2:error] [pid 23361:tid 23361] [client 155.2.216.11:53335] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||honer.org|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "honer.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akf-UmE7gSJYpzWsSJ56PQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:08:10
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:08:04.594776 2026] [security2:error] [pid 12309:tid 12309] [client 155.2.216.11:21573] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sigridsnaturalfoods.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sigridsnaturalfoods.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akf6hCmTzEJgsQsVfqXDYQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-07-03 11:19:24
(1 day ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Web App Attack
๐ฏ๐ต
demonsword
2026-07-03 08:36:37
(1 day ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: ifconfig.me:443
show less
Open Proxy
Port Scan