๐บ๐ธ
TPI-Abuse
2026-04-23 00:54:44
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 20:54:36.088620 2026] [security2:error] [pid 3281236:tid 3281236] [client 2a0b:f4c2::26:39890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brbcash.com"] [uri "/wp-config.txt"] [unique_id "aeltzLidFCYZDS_CV6ceAgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-19 06:48:27
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:48:16.050272 2026] [security2:error] [pid 1667094:tid 1667094] [client 2a0b:f4c2::26:35148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/wp-config.php1"] [unique_id "aeR6sJwcG3q7SZjztE4DtAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-04-17 05:05:48
(2 months ago)
Blocked by UFW (TCP on 8333)
Source port: 47502
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 47502
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0026) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐จ๐ญ
4server
2026-04-16 14:36:09
(2 months ago)
[ThuApr1616:36:06.6471692026][security2:error][pid1144162:tid1144202][client2a0b:f4c2::26:0]ModSecur ...
show more
[ThuApr1616:36:06.6471692026][security2:error][pid1144162:tid1144202][client2a0b:f4c2::26:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"381\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"www.reddragonrecords.ch\"][uri\"/wp-content/plugins/qt-places/readme.txt\"][unique_id\"aeDz1hLRZq8DBOCX76mTfAAAAEY\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-14 06:53:05
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 02:52:58.650266 2026] [security2:error] [pid 1752958:tid 1752958] [client 2a0b:f4c2::26:19876] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||twogocamping.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "twogocamping.com"] [uri "/config.old"] [unique_id "ad3kSpIrEjB9nRSBroWSwwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
gnom4ik
2026-04-12 21:46:55
(3 months ago)
ban-reviewer auto report; ip=2a0b:f4c2::26; scenario=http:scan; verdict=valid_ban; confidence=0.92; ...
show more
ban-reviewer auto report; ip=2a0b:f4c2::26; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high
show less
Port Scan
Hacking
Brute-Force
SSH
๐บ๐ธ
ipblock.com
2026-03-14 20:56:00
(3 months ago)
IPBlock protected site ID [3717-sec].
Robotic site crawling, undeclared spider
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-10 04:53:09
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:53:02.494957 2026] [security2:error] [pid 9450:tid 9450] [client 2a0b:f4c2::26:6178] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lkabookkeeping.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lkabookkeeping.com"] [uri "/okkeeping_prod.sql"] [unique_id "aa-jrv_20rn2PY4cegWrjAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-09 04:14:26
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:14:18.103579 2026] [security2:error] [pid 28855:tid 28855] [client 2a0b:f4c2::26:44822] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||geckoturner.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/rner_wp1.sql"] [unique_id "aa5JGu6bS50lbk00mEz7lwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-03 19:06:58
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 14:06:47.716181 2026] [security2:error] [pid 32702:tid 32702] [client 2a0b:f4c2::26:50888] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||sekelconsulting.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sekelconsulting.com"] [uri "/ulting_prod.sql"] [unique_id "aacxRxGk60pEcdD4NAg7pgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-02-28 21:48:00
(4 months ago)
IPBlock protected site ID [3717-sec].
Robotic site crawling, undeclared spider
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-27 11:58:48
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 06:58:42.383464 2026] [security2:error] [pid 32058:tid 32058] [client 2a0b:f4c2::26:15856] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.smartstylehair.com"] [uri "/.git/config"] [unique_id "aaGG8svj_BBQY0x9uUvxPQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-02-25 14:43:48
(4 months ago)
Web App Attack Exploid from 2a0b:f4c2::26
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 06:44:45
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 01:44:38.326908 2026] [security2:error] [pid 30419:tid 30419] [client 2a0b:f4c2::26:57158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.advantageinvestigation.com"] [uri "/.git/config"] [unique_id "aZv3VpNmEG7bJ0M04eGeKAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-18 23:26:49
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::26 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 18:26:44.940859 2026] [security2:error] [pid 1616093:tid 1616194] [client 2a0b:f4c2::26:5028] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||teritemme.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "teritemme.com"] [uri "/te.sql"] [unique_id "aZZKtCipcLn8ciP1Cq62gwAAAg4"]
show less
Brute-Force
Bad Web Bot
Web App Attack