๐บ๐ธ
TPI-Abuse
2026-04-19 06:48:23
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:48:12.924096 2026] [security2:error] [pid 1666928:tid 1666928] [client 2a0b:f4c2::31:22012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/wp-config.php.uk"] [unique_id "aeR6rAkxD9xOCK62-HiswwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-15 11:22:39
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 07:22:33.713772 2026] [security2:error] [pid 2832102:tid 2832102] [client 2a0b:f4c2::31:31288] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idahostem.org"] [uri "/wp-config.phpbak"] [unique_id "ad90-XzXGhJCrnEf1EYjZgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-04-09 11:57:31
(3 months ago)
Blocked by UFW (TCP on 8333)
Source port: 5870
Packet length: 80
This report (for 2a0b:f4c2:0000:00 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 5870
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0031) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
ipblock.com
2026-03-31 17:18:00
(3 months ago)
IPBlock protected site ID [3717-sec].
Robotic site crawling, undeclared spider
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 14:42:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 10:42:28.871859 2026] [security2:error] [pid 28171:tid 28171] [client 2a0b:f4c2::31:23658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.taxgroupsd.com"] [uri "/.git/config"] [unique_id "acvdVOSSOXlBUQaVGdQlBgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-03-21 15:03:00
(3 months ago)
IPBlock protected site ID [4055-d][s=03].
Rogue crawler, does not respect robots.txt
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-03-09 04:14:11
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:14:05.628005 2026] [security2:error] [pid 27545:tid 27545] [client 2a0b:f4c2::31:35334] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||geckoturner.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/r_wp1.sql"] [unique_id "aa5JDcB2oWO1qPk4e9MbEQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-09 01:41:01
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 21:40:56.240295 2026] [security2:error] [pid 28511:tid 28511] [client 2a0b:f4c2::31:57430] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mobileonlinecasinos.co|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobileonlinecasinos.co"] [uri "/bileonlinecasinos_prod.sql"] [unique_id "aa4lKIU_21ywcnH0meWPFgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-04 13:55:09
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 04 08:54:58.250363 2026] [security2:error] [pid 29219:tid 29219] [client 2a0b:f4c2::31:47132] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||forerunnersjazz.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "forerunnersjazz.org"] [uri "/rsjazz_db.sql"] [unique_id "aag5snU7QcJWS-tmS-ZuoAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-26 05:39:40
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 00:39:34.481108 2026] [security2:error] [pid 10636:tid 10636] [client 2a0b:f4c2::31:42760] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.eliteelectricalservices.us"] [uri "/.git/config"] [unique_id "aZ_clrChjeqqF2_QR08H7wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-02-25 01:44:39
(4 months ago)
Web App Attack Exploid from 2a0b:f4c2::31
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-23 07:24:24
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 02:24:16.340069 2026] [security2:error] [pid 28953:tid 28953] [client 2a0b:f4c2::31:45094] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.lonescouting.us"] [uri "/.git/config"] [unique_id "aZwAoCs73g8WeS0LxLMVDQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
gnom4ik
2026-02-21 11:57:48
(4 months ago)
ban-reviewer auto report; ip=2a0b:f4c2::31; scenario=http:scan; verdict=valid_ban; confidence=0.90; ...
show more
ban-reviewer auto report; ip=2a0b:f4c2::31; scenario=http:scan; verdict=valid_ban; confidence=0.90; categories=14,15,18; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for HTTP scanning activity (scenario: http:scan); Appears in abuseipdb categories related to port scanning and hacking; Decision stats show 2 active decisions in lookback window with high reuse of IP
show less
Port Scan
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-02-14 18:16:49
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 13:16:43.764599 2026] [security2:error] [pid 27424:tid 27424] [client 2a0b:f4c2::31:52378] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sailyourkayak.com"] [uri "/backup_archive/.env.orig"] [unique_id "aZC8C3fT0D9ynhRflir27wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
i-turnradio.nl
2026-02-13 20:36:28
(5 months ago)
2026-02-13 21:36:28 (CET) ~ Blocked by abusescan risk assessment
Web App Attack