๐บ๐ธ
TPI-Abuse
2026-04-19 06:36:40
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:36:33.495138 2026] [security2:error] [pid 1658458:tid 1658458] [client 2a0b:f4c2::19:55450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/wp-config.php.backup.txt"] [unique_id "aeR38aHWEuNSUhhRTwCBTwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-18 04:39:39
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 00:39:32.610401 2026] [security2:error] [pid 4094157:tid 4094157] [client 2a0b:f4c2::19:20982] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||local639.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "local639.com"] [uri "/config.old"] [unique_id "aeMLBGt5OC8cOiSRx3bZuQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 18:55:47
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 14:55:38.836577 2026] [security2:error] [pid 13920:tid 13920] [client 2a0b:f4c2::19:36478] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||daisydoesoap.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "daisydoesoap.com"] [uri "/daisydoesoa.sql"] [unique_id "ac67qgvQZxOu9k9OBu98MwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-03-15 04:13:33
(3 months ago)
Blocked by UFW (TCP on 8333)
Source port: 10696
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 10696
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0019) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-03-11 04:16:38
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 00:16:34.516666 2026] [security2:error] [pid 23150:tid 23150] [client 2a0b:f4c2::19:26254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.interior-cosmetics.com"] [uri "/.git/config"] [unique_id "abDsoun310os_8saR90uJgAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-11 01:41:48
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 21:41:38.076972 2026] [security2:error] [pid 5669:tid 5669] [client 2a0b:f4c2::19:41158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.kvaziri.com"] [uri "/.git/config"] [unique_id "abDIUrHQwYzHXEHYapudVwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-04 13:55:50
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 04 08:55:43.708103 2026] [security2:error] [pid 28772:tid 28772] [client 2a0b:f4c2::19:17402] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||forerunnersjazz.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "forerunnersjazz.org"] [uri "/jazz_db.sql"] [unique_id "aag53wi1mX9iek9k6WTl0QAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-03-01 21:57:27
(4 months ago)
Web App Attack Exploid from 2a0b:f4c2::19
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-26 16:46:05
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 11:45:58.441086 2026] [security2:error] [pid 8224:tid 8224] [client 2a0b:f4c2::19:52354] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ouzcorp.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ouzcorp.com"] [uri "/wordpress_rp.sql"] [unique_id "aaB4xpUISbJPgJh31s5xXwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
gnom4ik
2026-02-24 09:07:01
(4 months ago)
ban-reviewer auto report; ip=2a0b:f4c2::19; scenario=http:scan; verdict=valid_ban; confidence=0.92; ...
show more
ban-reviewer auto report; ip=2a0b:f4c2::19; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high
show less
Port Scan
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-02-23 19:16:44
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 14:16:38.259552 2026] [security2:error] [pid 22828:tid 22891] [client 2a0b:f4c2::19:18866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.ouye.us"] [uri "/.git/config"] [unique_id "aZynls-zJruhVtT6v5GGiAAAAYg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-02-21 23:28:00
(4 months ago)
IPBlock protected site ID [3717-sec].
Robotic site crawling, undeclared spider
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-21 14:41:58
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 09:41:51.942549 2026] [security2:error] [pid 10176:tid 10176] [client 2a0b:f4c2::19:12370] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||waterspell.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "waterspell.net"] [uri "/erspell_com.sql"] [unique_id "aZnEL4jQX7sTIDhxXXLGQgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 16:06:47
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 11:06:41.711347 2026] [security2:error] [pid 20749:tid 20749] [client 2a0b:f4c2::19:7968] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||orcastrong.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "orcastrong.com"] [uri "/strong_com.sql"] [unique_id "aZc1Ea-jUaFLWNhY7NajKAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-16 01:35:46
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 20:35:41.802037 2026] [security2:error] [pid 1199025:tid 1199025] [client 2a0b:f4c2::19:63732] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||shhcenter.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "shhcenter.com"] [uri "/backup_wp.sql"] [unique_id "aZJ0beRiSEcC17GeHZIoFwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack