๐ฏ๐ต
SentinalX by uzumaru
2026-07-07 04:57:53
(1 day ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: connectivitycheck.gstatic.com:443
show less
Open Proxy
Port Scan
๐ฏ๐ต
demonsword
2026-07-06 09:10:26
(2 days ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: cloudflare.com:443
show less
Open Proxy
Port Scan
๐ฏ๐ต
SentinalX by uzumaru
2026-07-05 07:08:07
(3 days ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: clients3.google.com:443
show less
Open Proxy
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-03 21:43:01
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:42:57.603188 2026] [security2:error] [pid 31487:tid 31487] [client 155.2.216.12:63813] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||pioneercanadian.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pioneercanadian.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgs4VCZZXf_H5ZdoiToxQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:22:19
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:22:12.467468 2026] [security2:error] [pid 27858:tid 27858] [client 155.2.216.12:49901] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thewhispertwins.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thewhispertwins.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgoBKdSUufQHTkaugHL-AAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:03:48
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:03:44.779620 2026] [security2:error] [pid 30949:tid 30949] [client 155.2.216.12:53265] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||joevallone.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "joevallone.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgjsJ-Ueyur0hjuXcXA8AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:45:43
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:45:36.181958 2026] [security2:error] [pid 18291:tid 18291] [client 155.2.216.12:23285] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||arsenalfordemocracy.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "arsenalfordemocracy.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgfcP7lMlMJ8jsjiz-8qgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:26:30
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:26:22.567339 2026] [security2:error] [pid 3392:tid 3392] [client 155.2.216.12:35255] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||surf-sci-eng.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "surf-sci-eng.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akga7oucsBW3RruKq4dIPgAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:08:21
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:08:14.391159 2026] [security2:error] [pid 32314:tid 32314] [client 155.2.216.12:35941] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||grdigitaldesigns.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "grdigitaldesigns.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgWrlYN81fw7wYwWVWk_QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:51:43
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:51:37.316122 2026] [security2:error] [pid 21546:tid 21546] [client 155.2.216.12:49401] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ramabahama.net|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ramabahama.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgSyYdN6Htws4NDe5bQiwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:35:29
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:35:24.920973 2026] [security2:error] [pid 27178:tid 27178] [client 155.2.216.12:52871] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lockdownclaim.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lockdownclaim.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgO_FyNuRJBBhRowHEtbAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:17:21
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:17:14.091448 2026] [security2:error] [pid 28817:tid 28817] [client 155.2.216.12:51535] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kikopoke.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kikopoke.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgKupjyFy2EHDsDMRg7XAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:01:55
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:01:48.188479 2026] [security2:error] [pid 10730:tid 10748] [client 155.2.216.12:42223] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||flapjacktoys.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "flapjacktoys.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgHHGTuZPNTB0dTwIkTHgAAAQ4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:44:46
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:44:41.196649 2026] [security2:error] [pid 29942:tid 29942] [client 155.2.216.12:48813] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||ilikeabe.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ilikeabe.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akgDGbeRZ4vgQEcvqGOqPgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:07:06
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 155.2.216.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:07:01.599082 2026] [security2:error] [pid 8498:tid 8498] [client 155.2.216.12:25313] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||volunteergems.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "volunteergems.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akf6RWSmMYUffDyfDckqjgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack