๐ช๐ธ
gnom4ik
2026-03-17 20:01:30
(3 months ago)
ban-reviewer auto report; ip=2a0b:f4c2::2; scenario=http:scan; verdict=valid_ban; confidence=0.92; c ...
show more
ban-reviewer auto report; ip=2a0b:f4c2::2; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high
show less
Port Scan
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-03-07 13:20:01
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 07 08:19:54.536424 2026] [security2:error] [pid 2275:tid 2275] [client 2a0b:f4c2::2:34580] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||diamondtrailerserv.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "diamondtrailerserv.com"] [uri "/ndtrailerserv_prod.sql"] [unique_id "aawl-vbxUmlm1MTtBzcMxQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-03 19:06:38
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 14:06:29.660229 2026] [security2:error] [pid 32702:tid 32702] [client 2a0b:f4c2::2:47778] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||sekelconsulting.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sekelconsulting.com"] [uri "/dbkelconsulting.sql"] [unique_id "aacxNRGk60pEcdD4NAg7pAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-25 11:56:53
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 06:56:44.690663 2026] [security2:error] [pid 7878:tid 7878] [client 2a0b:f4c2::2:38424] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thesalonx.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thesalonx.com"] [uri "/salonx_wp1.sql"] [unique_id "aZ7jfMix6dX4QrfHqzPHOwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 16:30:46
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 11:30:38.959041 2026] [security2:error] [pid 2638:tid 2638] [client 2a0b:f4c2::2:6168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.integrabroadcast.com"] [uri "/.git/config"] [unique_id "aZsvLqf6Zr-dwY2ZyacSDgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 16:06:11
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 11:05:59.225079 2026] [security2:error] [pid 20477:tid 20477] [client 2a0b:f4c2::2:12388] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||orcastrong.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "orcastrong.com"] [uri "/trong_com.sql"] [unique_id "aZc057orH7cG7wOM8J1uGQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-07 17:19:34
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 12:19:28.256750 2026] [security2:error] [pid 28665:tid 28665] [client 2a0b:f4c2::2:12008] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||goldcountrygermanamericanclub.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "goldcountrygermanamericanclub.org"] [uri "/untrygermanamericanclub_wp1.sql"] [unique_id "aYd0IMapH7QoGXYcKQc5lQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-07 05:09:31
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 00:09:28.381993 2026] [security2:error] [pid 17747:tid 17747] [client 2a0b:f4c2::2:42798] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.bangbi.com"] [uri "/.git/config"] [unique_id "aYbJCNkUKu86sprQeG0kswAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-06 22:49:39
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 17:49:32.561431 2026] [security2:error] [pid 21481:tid 21481] [client 2a0b:f4c2::2:23394] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.marshvineyards.com"] [uri "/.git/config"] [unique_id "aYZv_CkBCLkq-D5_5_lkUwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-05 17:26:43
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 05 12:26:38.731071 2026] [security2:error] [pid 28199:tid 28199] [client 2a0b:f4c2::2:47612] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||riedmannfamily.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "riedmannfamily.com"] [uri "/riedma.sql"] [unique_id "aYTSziKqA_Ia1aTn41zA9AAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-01 20:40:32
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 15:40:26.728785 2026] [security2:error] [pid 22043:tid 22043] [client 2a0b:f4c2::2:44622] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pcga.golf|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pcga.golf"] [uri "/backupdb.sql"] [unique_id "aX-6On1SrMihgVtxBqo5vwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-01-30 23:02:37
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-29.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
xmission.com
2026-01-27 18:17:47
(5 months ago)
Blocked by UFW (TCP on 8333)
Source port: 58792
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 58792
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0002) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-01-26 10:36:48
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 05:36:45.429410 2026] [security2:error] [pid 12127:tid 12127] [client 2a0b:f4c2::2:12434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.albertrealtyltd.com"] [uri "/.git/config"] [unique_id "aXdDvatbAIfieXPylrZGwgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 00:43:02
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 19:42:57.806286 2026] [security2:error] [pid 3857033:tid 3857033] [client 2a0b:f4c2::2:9430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.my1611.com"] [uri "/.git/config"] [unique_id "aXa4keQcDhT6CnP2PjFhkAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack