๐จ๐ญ
4server
2026-04-16 06:30:58
(2 months ago)
[ThuApr1608:30:54.4106642026][security2:error][pid3862185:tid3862417][client2a0b:f4c2::28:0]ModSecur ...
show more
[ThuApr1608:30:54.4106642026][security2:error][pid3862185:tid3862417][client2a0b:f4c2::28:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"359\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"cadvending.ch\"][uri\"/wp-content/plugins/elementor/readme.txt\"][unique_id\"aeCCHmhMD4AAFAtMsVGuIgAAAMU\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-13 03:53:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 23:52:57.185797 2026] [security2:error] [pid 4038310:tid 4038310] [client 2a0b:f4c2::28:4174] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honweneedthis.com"] [uri "/wp-config.phpold"] [unique_id "adxomW-12sjaN4wQaegz_QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 16:50:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 12:50:36.635120 2026] [security2:error] [pid 3015886:tid 3015886] [client 2a0b:f4c2::28:63920] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brbvip.com"] [uri "/wp-config.phpbak"] [unique_id "adaHXD-TxKI0MYOMaVpsVAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 20:50:56
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 16:50:49.681747 2026] [security2:error] [pid 3357:tid 3357] [client 2a0b:f4c2::28:41332] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||edgecomix.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "edgecomix.com"] [uri "/edgeco.sql"] [unique_id "ac7WqTfGLiYtWEphuE_l9AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 03:53:17
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 23:53:08.581726 2026] [security2:error] [pid 28650:tid 28650] [client 2a0b:f4c2::28:44036] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||atmoorehealthcare.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "atmoorehealthcare.com"] [uri "/e_com.sql"] [unique_id "ac3oJDuXyhFq-XmYgHWAmQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-03-16 01:33:00
(3 months ago)
IPBlock protected site ID [3717-sec].
Robotic site crawling, undeclared spider
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-03-11 06:27:59
(4 months ago)
Blocked by UFW (TCP on 8333)
Source port: 32290
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 32290
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0028) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-03-09 04:13:34
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:13:28.817830 2026] [security2:error] [pid 28072:tid 28072] [client 2a0b:f4c2::28:6812] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||geckoturner.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/geckoturner_db.sql"] [unique_id "aa5I6AZc1Ks97gqHD9b5aAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-09 01:40:10
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 21:40:01.444952 2026] [security2:error] [pid 24854:tid 24854] [client 2a0b:f4c2::28:24010] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mobileonlinecasinos.co|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobileonlinecasinos.co"] [uri "/leonlinecasinos_wp1.sql"] [unique_id "aa4k8bAkBuozoxs63RUnIwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-05 13:28:18
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 08:28:12.683999 2026] [security2:error] [pid 22284:tid 22284] [client 2a0b:f4c2::28:47826] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||aboutagingparents.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aboutagingparents.com"] [uri "/gingparents_prod.sql"] [unique_id "aamE7ObFdIE33s3n3JKLPAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-02-28 14:43:18
(4 months ago)
Blocked by UFW (TCP on 8333)
Source port: 38734
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 38734
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0028) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-02-26 16:46:34
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 11:46:27.807839 2026] [security2:error] [pid 10799:tid 10799] [client 2a0b:f4c2::28:34454] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ouzcorp.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ouzcorp.com"] [uri "/ouzcorp_wp1.sql"] [unique_id "aaB445d1qYHYgrJesyBX5QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-26 06:47:50
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 01:47:42.263455 2026] [security2:error] [pid 10291:tid 10291] [client 2a0b:f4c2::28:4514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.alccontractorsllc.com"] [uri "/.git/config"] [unique_id "aZ_sjuRXADRKWc9E5MdYIgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 09:12:59
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 04:12:52.325766 2026] [security2:error] [pid 22832:tid 22832] [client 2a0b:f4c2::28:8504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.lucasadams.com"] [uri "/.git/config"] [unique_id "aZ1rlOf4jNtsK8FskiBiIAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 18:40:02
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::28 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 13:39:57.540601 2026] [security2:error] [pid 4171:tid 4171] [client 2a0b:f4c2::28:48124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.kentculotta.com"] [uri "/.git/config"] [unique_id "aZtNfVTG08FCUYR_MdVbNwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack