πΊπΈ
TPI-Abuse
2026-02-24 13:48:19
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 08:48:12.080686 2026] [security2:error] [pid 3302:tid 3331] [client 2001:67c:e60:c0c:192:42:116:173:62683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.tkfay.com"] [uri "/.git/config"] [unique_id "aZ2sHAZNCxWFpDauGHcu0gAAAJg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-22 18:04:13
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 13:04:06.560342 2026] [security2:error] [pid 22228:tid 22228] [client 2001:67c:e60:c0c:192:42:116:173:27017] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||texaslawman.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "texaslawman.net"] [uri "/wman_com.sql"] [unique_id "aZtFFqTJrlVxrwrNXPdy8QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
gnom4ik
2026-02-20 21:51:23
(4 months ago)
ban-reviewer auto report; ip=2001:67c:e60:c0c:192:42:116:173; scenario=http:scan; verdict=valid_ban; ...
show more
ban-reviewer auto report; ip=2001:67c:e60:c0c:192:42:116:173; scenario=http:scan; verdict=valid_ban; confidence=0.90; categories=14,15,18; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for HTTP scanning activity (scan pattern); Decision appears in active decisions total count; No evidence of legitimate behavior or user activity
show less
Port Scan
Hacking
Brute-Force
π³π±
γγΌγΉγγ©γ€γ
2026-02-16 05:27:00
(4 months ago)
tor
Open Proxy
VPN IP
π³π±
homeshowdomain.nl
2026-02-03 22:59:18
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-02.
show less
Hacking
Web App Attack
SSH
πΊπΈ
TPI-Abuse
2026-02-02 11:48:20
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 06:48:09.913264 2026] [security2:error] [pid 14549:tid 14549] [client 2001:67c:e60:c0c:192:42:116:173:12238] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||roughexports.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "roughexports.com"] [uri "/ro.sql"] [unique_id "aYCO-X8Ea7VueiYikfH0bwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-26 02:16:33
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 21:16:28.597154 2026] [security2:error] [pid 30362:tid 30362] [client 2001:67c:e60:c0c:192:42:116:173:45013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.texaspamman.com"] [uri "/.git/config"] [unique_id "aXbOfKjJ0xDY9faRNFQzZAAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-25 22:31:00
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 17:30:53.593698 2026] [security2:error] [pid 10718:tid 10718] [client 2001:67c:e60:c0c:192:42:116:173:30976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.sealcoatnj.com"] [uri "/.git/config"] [unique_id "aXaZnW0E2806Cr6P05rEFQAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-23 00:56:30
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 19:56:06.689291 2026] [security2:error] [pid 4110046:tid 4110143] [client 2001:67c:e60:c0c:192:42:116:173:13686] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||41bravo.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "41bravo.com"] [uri "/avo.sql"] [unique_id "aXLHJn_svJsFLArIkuf5RAAAAQ8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-19 00:31:39
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 19:31:33.115517 2026] [security2:error] [pid 8216:tid 8216] [client 2001:67c:e60:c0c:192:42:116:173:64473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.aschmidtconsulting.com"] [uri "/.git/config"] [unique_id "aW17ZcGu6s6K_JAtDZ7BTAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-18 04:40:10
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 23:40:04.968859 2026] [security2:error] [pid 27759:tid 27759] [client 2001:67c:e60:c0c:192:42:116:173:31259] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||psychiatryabuse.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "psychiatryabuse.com"] [uri "/e_com.sql"] [unique_id "aWxkJLn-iQXwa5lGDOcRMwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-14 11:22:17
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 06:22:09.010749 2026] [security2:error] [pid 13165:tid 13165] [client 2001:67c:e60:c0c:192:42:116:173:21267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.cmcnow.net"] [uri "/.git/config"] [unique_id "aWd8YdhDCyOIfpokgE4bKQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-12 14:11:27
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 09:11:23.310858 2026] [security2:error] [pid 3139413:tid 3139413] [client 2001:67c:e60:c0c:192:42:116:173:24357] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.daos.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.daos.org"] [uri "/weekly.sql"] [unique_id "aWUBC2Bvk9XkVtR18kSLqgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-12 10:10:44
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 05:10:38.116544 2026] [security2:error] [pid 28897:tid 28897] [client 2001:67c:e60:c0c:192:42:116:173:62473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.thephysicsroom.com"] [uri "/.git/config"] [unique_id "aWTInrzIBzcsX94eHDuzAQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-12 09:40:58
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:67c:e60:c0c:192:42:116:173 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 04:40:51.980248 2026] [security2:error] [pid 21477:tid 21477] [client 2001:67c:e60:c0c:192:42:116:173:17369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.cmabiblequizzing.org"] [uri "/.git/config"] [unique_id "aWTBo-AUsB6PYA1ZuIdIwgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack