๐บ๐ธ
TPI-Abuse
2026-02-23 04:01:35
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 23:01:31.715526 2026] [security2:error] [pid 30661:tid 30661] [client 2001:67c:289c:2::39:45710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.bendergloves.com"] [uri "/.git/config"] [unique_id "aZvRG6EK-qb16r5g_Lyl7QAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 03:42:28
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 22:42:18.927704 2026] [security2:error] [pid 28196:tid 28196] [client 2001:67c:289c:2::39:40430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.deltad.net"] [uri "/.git/config"] [unique_id "aZvMmt9sjrmynzKvhs2JVQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 16:06:28
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 11:06:20.857591 2026] [security2:error] [pid 20748:tid 20748] [client 2001:67c:289c:2::39:55562] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||orcastrong.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "orcastrong.com"] [uri "/orcastro.sql"] [unique_id "aZc0_BQacIXPKdnA6w0CggAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-03 14:14:39
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 09:14:34.547204 2026] [security2:error] [pid 29666:tid 29666] [client 2001:67c:289c:2::39:58808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humans2humans.org"] [uri "/.env.example"] [unique_id "aYICyi-9h032c6LTuhVBKQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-01-30 23:02:20
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-29.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-01-30 07:18:23
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 02:18:14.447987 2026] [security2:error] [pid 6213:tid 6213] [client 2001:67c:289c:2::39:60254] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thehealthyplaceclayton.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thehealthyplaceclayton.com"] [uri "/th.sql"] [unique_id "aXxbNursdtvqR9Fbllx61wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 06:32:46
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 01:32:41.870795 2026] [security2:error] [pid 23435:tid 23435] [client 2001:67c:289c:2::39:41004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.pulleasy.com"] [uri "/.git/config"] [unique_id "aXcKifDFmEFXWYk7ZE4hRQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 02:58:24
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 21:58:18.037904 2026] [security2:error] [pid 23200:tid 23200] [client 2001:67c:289c:2::39:45268] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.timjbutler.com"] [uri "/.git/config"] [unique_id "aXbYSlnlvk9RV558ZXIAJwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-01-20 22:42:01
(5 months ago)
Blocked by UFW (TCP on 53834)
Source port: 443
Packet length: 608
This report (for 2001:067c:289c:0 ...
show more
Blocked by UFW (TCP on 53834)
Source port: 443
Packet length: 608
This report (for 2001:067c:289c:0002:0000:0000:0000:0039) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-01-12 10:26:17
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 05:26:14.299458 2026] [security2:error] [pid 3126:tid 3126] [client 2001:67c:289c:2::39:40480] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.virantenn.com"] [uri "/.git/config"] [unique_id "aWTMRjQw1BkV-DAXC2X1ggAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-30 04:59:50
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 23:59:40.565160 2025] [security2:error] [pid 26982:tid 26982] [client 2001:67c:289c:2::39:38434] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||puckerbikinis.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "puckerbikinis.com"] [uri "/puckerbiki.sql"] [unique_id "aVNcPPqsj2yIIM1-7foO6wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-26 10:16:28
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 05:16:21.271249 2025] [security2:error] [pid 2585:tid 2585] [client 2001:67c:289c:2::39:42578] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||eliteelectricalservices.us|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eliteelectricalservices.us"] [uri "/teelectricalservices_com.sql"] [unique_id "aU5gdaZw6d0U4raDJEzPfQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-25 15:51:48
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 10:51:41.934662 2025] [security2:error] [pid 26573:tid 26573] [client 2001:67c:289c:2::39:48428] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||expresstires.us|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "expresstires.us"] [uri "/expresstire.sql"] [unique_id "aU1djcGFTHBdUOcYw1TQQgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-24 14:23:54
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 24 09:23:48.856321 2025] [security2:error] [pid 13523:tid 13523] [client 2001:67c:289c:2::39:35882] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bigislandhawaiirealty.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bigislandhawaiirealty.com"] [uri "/dhawaiirealty_com.sql"] [unique_id "aUv3dFUXCyKjs2bHuIHlQAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-24 01:32:53
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::39 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 23 20:32:46.917111 2025] [security2:error] [pid 8746:tid 8751] [client 2001:67c:289c:2::39:42712] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||davidchapamusic.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "davidchapamusic.com"] [uri "/davidchapa.sql"] [unique_id "aUtCvlwTs_-5UIFkMvsHPAAAAEM"]
show less
Brute-Force
Bad Web Bot
Web App Attack