๐บ๐ธ
xmission.com
2026-03-07 05:57:40
(4 months ago)
Blocked by UFW (TCP on 8333)
Source port: 10200
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 10200
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0013) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ณ๐ฑ
jjnxpct
2026-03-05 04:50:57
(4 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /dbpraktijk.sql (Rule ID: 920440) - URL file extension is restricted by policy
show less
Web App Attack
SQL Injection
Hacking
๐บ๐ธ
ipblock.com
2026-02-24 10:06:00
(4 months ago)
IPBlock protected site ID [3717-sec].
Robotic site crawling, undeclared spider
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 20:13:06
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 15:12:59.693632 2026] [security2:error] [pid 26053:tid 26053] [client 2a0b:f4c2::13:4160] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dwightbrown.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dwightbrown.com"] [uri "/ghtbrown_wp1.sql"] [unique_id "aZy0y0Ha5iYmO0yQkcRmdQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 13:44:18
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 08:44:14.022721 2026] [security2:error] [pid 12859:tid 12859] [client 2a0b:f4c2::13:48632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.visionremota.info"] [uri "/.git/config"] [unique_id "aZxZrn3Zm_iuQCr5104SOQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 00:19:29
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 19:19:24.864765 2026] [security2:error] [pid 26424:tid 26424] [client 2a0b:f4c2::13:49126] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.skotam.com"] [uri "/.git/config"] [unique_id "aZudDFYdUa9yxKeRnJdjzwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 18:23:06
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 13:23:02.523569 2026] [security2:error] [pid 8382:tid 8382] [client 2a0b:f4c2::13:63700] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.haarr.net"] [uri "/.git/config"] [unique_id "aZtJhrJw8-h0zYeKkZigXgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-02-22 11:03:32
(4 months ago)
Blocked by UFW (TCP on 8333)
Source port: 58786
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 58786
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0013) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-02-22 07:54:32
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 02:54:25.199215 2026] [security2:error] [pid 22990:tid 22990] [client 2a0b:f4c2::13:17946] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||tracytappan.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tracytappan.net"] [uri "/.sql"] [unique_id "aZq2MdBcfnFaD0oLwrKt5gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-02-20 11:18:54
(4 months ago)
Web App Attack - Exploid from 2a0b:f4c2::13
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-02 21:11:30
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:225170) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 16:11:26.397401 2026] [security2:error] [pid 1985023:tid 1985023] [client 2a0b:f4c2::13:28336] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arsenaultartistmanagement.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arsenaultartistmanagement.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYES_qQ6XSknQJgkrmQPMAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-01-31 22:59:14
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-30.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
xmission.com
2026-01-29 04:03:38
(5 months ago)
Blocked by UFW (TCP on 8333)
Source port: 21292
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 21292
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0013) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-01-22 17:15:10
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 12:15:02.400908 2026] [security2:error] [pid 2316003:tid 2316003] [client 2a0b:f4c2::13:24028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.hawarcenter.com"] [uri "/.git/config"] [unique_id "aXJbFnz77GXUC6JQOjid5wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 13:31:18
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::13 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 08:31:15.702598 2026] [security2:error] [pid 2333388:tid 2333388] [client 2a0b:f4c2::13:52838] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||twogocamping.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "twogocamping.com"] [uri "/mping_com.sql"] [unique_id "aWuPI-84P8LeJ7_1VPiR8AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack