๐บ๐ธ
TPI-Abuse
2026-02-22 14:01:47
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 09:01:43.839012 2026] [security2:error] [pid 1837:tid 1837] [client 2a0b:f4c2::25:57954] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.atmoorehealthcare.com"] [uri "/.git/config"] [unique_id "aZsMR1WQFRGUt7mdYF6eQAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 13:26:37
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 08:26:30.349094 2026] [security2:error] [pid 10664:tid 10771] [client 2a0b:f4c2::25:10422] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||reghay.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "reghay.com"] [uri "/dump.sql"] [unique_id "aZsEBkstOwzUzaOm5Yh1wAAAAY8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
pduggusa
2026-02-22 00:52:03
(4 months ago)
Detected attacking dugganusa.com at 2026-02-22T00:52:03.725Z | Source: DugganUSA PreCog auto-block
Hacking
๐บ๐ธ
pduggusa
2026-02-22 00:09:13
(4 months ago)
Detected attacking dugganusa.com at 2026-02-22T00:09:13.389Z | Source: DugganUSA PreCog auto-block
Hacking
๐บ๐ธ
xmission.com
2026-02-15 23:39:53
(5 months ago)
Blocked by UFW (TCP on 8333)
Source port: 40872
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 40872
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0025) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-02-14 19:23:53
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210350) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 14:23:48.393644 2026] [security2:error] [pid 10236:tid 10236] [client 2a0b:f4c2::25:60540] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||blockadefoundationrepair.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "blockadefoundationrepair.com"] [uri "/hardscaping.html"] [unique_id "aZDLxNLbdHR93tscHtqhNgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-02-02 22:59:55
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-01.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-01-31 03:07:54
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 22:07:44.087030 2026] [security2:error] [pid 11745:tid 11745] [client 2a0b:f4c2::25:46594] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||velocitymech.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "velocitymech.com"] [uri "/ymech_com.sql"] [unique_id "aX1yAPqwoXay9C8iVysb1QAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 01:36:22
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 20:36:19.265591 2026] [security2:error] [pid 21765:tid 21765] [client 2a0b:f4c2::25:47656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.ink2wear.com"] [uri "/.git/config"] [unique_id "aXbFE-8mTMTsgEKzD07HJAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 00:25:58
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 19:25:53.245463 2026] [security2:error] [pid 14244:tid 14244] [client 2a0b:f4c2::25:18452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.mikeberro.com"] [uri "/.git/config"] [unique_id "aXa0kQ_N08FME72j1XXLggAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-25 21:53:11
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 16:53:03.818611 2026] [security2:error] [pid 16656:tid 16656] [client 2a0b:f4c2::25:5020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.garrisonfinancial.net"] [uri "/.git/config"] [unique_id "aXaQv1SiaK5FRMbSigm9eAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-20 16:30:48
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 11:30:44.579443 2026] [security2:error] [pid 116543:tid 116617] [client 2a0b:f4c2::25:24076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.jtjservices.com"] [uri "/.git/config"] [unique_id "aW-ttNkAqu70wf0saePHjAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 14:48:50
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 09:48:45.948109 2026] [security2:error] [pid 4815:tid 4815] [client 2a0b:f4c2::25:1974] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||computerpartsrecovery.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "computerpartsrecovery.com"] [uri "/erpartsrecovery_com.sql"] [unique_id "aWuhTdW5IXxI-TaInlM4fQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-14 12:14:28
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 07:14:20.159023 2026] [security2:error] [pid 12425:tid 12425] [client 2a0b:f4c2::25:32794] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kawkacevents.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kawkacevents.com"] [uri "/kawkace.sql"] [unique_id "aWeInCjnPtZmLGRVdG8A6gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-13 23:21:16
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::25 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 18:21:07.895950 2026] [security2:error] [pid 13840:tid 13840] [client 2a0b:f4c2::25:10800] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bonvivantorganics.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bonvivantorganics.com"] [uri "/nics_com.sql"] [unique_id "aWbTYwYJI0nGijjydb_7XAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack