๐บ๐ธ
xmission.com
2026-06-28 12:28:45
(5 days ago)
Blocked by UFW (TCP on 58722)
Source port: 443
Packet length: 1248
This report (for 2a03:4000:0013: ...
show more
Blocked by UFW (TCP on 58722)
Source port: 443
Packet length: 1248
This report (for 2a03:4000:0013:07c3:dead:beef:ca1f:1337) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-23 17:28:07
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 13:27:57.811486 2026] [security2:error] [pid 21789:tid 21789] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:54542] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.agworldmissions.org"] [uri "/.git/config"] [unique_id "ajrCHYFot_9hmEAe0gquDwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 14:24:22
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 10:24:16.491683 2026] [security2:error] [pid 10498:tid 10498] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:59648] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||grasslakepizzatime.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "grasslakepizzatime.com"] [uri "/me_com.sql"] [unique_id "af9DkD1Hh4bp0PT23WyLWgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-26 21:03:36
(2 months ago)
2026-04-26 08:00:44,629 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:4000:13:7c3:dead:beef ...
show more
2026-04-26 08:00:44,629 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:4000:13:7c3:dead:beef:ca1f:1337
2026-04-26 12:01:36,171 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:4000:13:7c3:dead:beef:ca1f:1337
2026-04-26 18:01:33,848 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:4000:13:7c3:dead:beef:ca1f:1337
2026-04-26 21:01:31,316 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:4000:13:7c3:dead:beef:ca1f:1337
2026-04-27 00:03:34,950 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:4000:13:7c3:dead:beef:ca1f:1337
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-10 03:00:57
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 23:00:48.626386 2026] [security2:error] [pid 1932202:tid 1932222] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:52664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.richardleeweatherman.com"] [uri "/.git/config"] [unique_id "adhn4Df4rKIFUBaDhsPtNwAAAUk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-03-26 20:59:04
(3 months ago)
Detected attack and reported by a human
Brute-Force
Web App Attack
SSH
DDoS Attack
Exploited Host
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-03-26 05:33:26
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 01:32:51.850462 2026] [security2:error] [pid 25474:tid 25474] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:55422] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinsubscribers.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsubscribers.com"] [uri "/bitcoinsubscrib.sql"] [unique_id "acTFA41AjnBGkGmlUuOBNAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-05 13:28:03
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 08:27:53.625624 2026] [security2:error] [pid 23480:tid 23480] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:59340] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||aboutagingparents.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aboutagingparents.com"] [uri "/s_prod.sql"] [unique_id "aamE2V0sSCVxgpHEHt-WlAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-25 11:56:10
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 06:56:01.946579 2026] [security2:error] [pid 7299:tid 7299] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:33926] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thesalonx.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thesalonx.com"] [uri "/master.sql"] [unique_id "aZ7jUZ_CUkyupY_FojiLWQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Hobby Bob
2026-02-19 19:12:39
(4 months ago)
Feb 19 19:12:39 server dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 1 s ...
show more
Feb 19 19:12:39 server dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 1 secs): user=, rip=2a03:4000:13:7c3:dead:beef:ca1f:1337, lip=X.X.X.X session=
show less
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-03 14:16:04
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 09:15:59.647784 2026] [security2:error] [pid 19556:tid 19556] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:57960] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humans2humans.org"] [uri "/config/.env"] [unique_id "aYIDH7EX0i_yYvK6klkS2wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-01-31 23:00:39
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-30.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-01-26 07:03:10
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 02:03:03.895004 2026] [security2:error] [pid 4114645:tid 4114645] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:55570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.shhcenter.com"] [uri "/.git/config"] [unique_id "aXcRp0vzn4O8qt9VzDWyrwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 00:25:29
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 19:25:22.308684 2026] [security2:error] [pid 7305:tid 7305] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:33372] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.aaronbeg.com"] [uri "/.git/config"] [unique_id "aXa0cunxHY5SwhvklsZtgAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 14:34:52
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a ...
show more
(mod_security) mod_security (id:210492) triggered by 2a03:4000:13:7c3:dead:beef:ca1f:1337 (this-is-a-tor-node---42.artikel5ev.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 09:34:46.784877 2026] [security2:error] [pid 218276:tid 218360] [client 2a03:4000:13:7c3:dead:beef:ca1f:1337:50136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.bhhg.org"] [uri "/.git/config"] [unique_id "aWueBtmCDIesINFw6emvLAAAAdc"]
show less
Brute-Force
Bad Web Bot
Web App Attack