๐บ๐ธ
xmission.com
2026-03-25 07:12:10
(3 months ago)
Blocked by UFW (TCP on 8333)
Source port: 27870
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 27870
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0030) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-03-09 01:39:55
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 21:39:47.777510 2026] [security2:error] [pid 18556:tid 18556] [client 2a0b:f4c2::30:29756] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mobileonlinecasinos.co|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobileonlinecasinos.co"] [uri "/db_os.sql"] [unique_id "aa4k4xfjLwWToSfpWPXvtQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-27 11:58:09
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 06:58:04.420923 2026] [security2:error] [pid 19126:tid 19145] [client 2a0b:f4c2::30:45312] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.rainbowbb.com"] [uri "/.git/config"] [unique_id "aaGGzKKUHuOHLy46iT4vNQAAAQ8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 09:29:44
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 04:29:37.028140 2026] [security2:error] [pid 2744:tid 2750] [client 2a0b:f4c2::30:19198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.threeoakscenter.org"] [uri "/.git/config"] [unique_id "aZ1vgWb3yARs7fL7vRvmTAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 20:15:39
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 15:15:31.339635 2026] [security2:error] [pid 27593:tid 27593] [client 2a0b:f4c2::30:25274] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dwightbrown.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dwightbrown.com"] [uri "/rown_prod.sql"] [unique_id "aZy1Y4bJSNjMOkfyOC1hzAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 13:34:37
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 08:34:29.925042 2026] [security2:error] [pid 11120:tid 11120] [client 2a0b:f4c2::30:9924] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||artspacecleveland.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "artspacecleveland.com"] [uri "/dev.sql"] [unique_id "aZxXZV0prMX1Pcu-sYcEzwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 16:40:05
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 11:39:55.758596 2026] [security2:error] [pid 2255:tid 2255] [client 2a0b:f4c2::30:65402] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.baliaccommodationpadangpadang.com"] [uri "/.git/config"] [unique_id "aZsxW3uBERmfSpeLEnwLCAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-02-22 04:58:00
(4 months ago)
IPBlock protected site ID [3717-sec].
Robotic site crawling, undeclared spider
Bad Web Bot
Web App Attack
๐ซ๐ฎ
gnom4ik
2026-02-22 04:11:10
(4 months ago)
ban-reviewer auto report; ip=2a0b:f4c2::30; scenario=http:scan; verdict=valid_ban; confidence=0.85; ...
show more
ban-reviewer auto report; ip=2a0b:f4c2::30; scenario=http:scan; verdict=valid_ban; confidence=0.85; categories=14,15,18; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for HTTP scanning activity (scenario: http:scan); IP has active decisions total of 2, indicating repeated abuse patterns; Decision duration of 8040 minutes suggests sustained threat
show less
Port Scan
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-02-22 03:36:02
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 22:35:56.897457 2026] [security2:error] [pid 22066:tid 22066] [client 2a0b:f4c2::30:1152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.breakawaysport.com"] [uri "/.git/config"] [unique_id "aZp5nCmFHvOfsQqvbtLL-wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-02-08 22:59:11
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-07.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-02-07 17:48:20
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 12:48:13.217509 2026] [security2:error] [pid 2556:tid 2556] [client 2a0b:f4c2::30:19436] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.contactsportsagility.com"] [uri "/.git/config"] [unique_id "aYd63b_swdE1iPIvy1tEkAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-06 23:46:50
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 18:46:46.806401 2026] [security2:error] [pid 14006:tid 14006] [client 2a0b:f4c2::30:46120] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.ltscatering.com"] [uri "/.git/config"] [unique_id "aYZ9ZjUPcHWuzfa1wmXQ1wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-01-31 23:57:21
(5 months ago)
Blocked by UFW (TCP on 8333)
Source port: 19310
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 19310
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0030) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-01-30 14:36:07
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::30 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 09:36:00.404096 2026] [security2:error] [pid 10218:tid 10218] [client 2a0b:f4c2::30:49590] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayareahiphopforever.org"] [uri "/.env.local"] [unique_id "aXzB0JftyRtswdDXU-VMjAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack