๐บ๐ธ
TPI-Abuse
2026-03-24 03:48:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 23:48:27.716321 2026] [security2:error] [pid 29531:tid 29539] [client 2a0b:f4c2::8:21972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.rbarw.com"] [uri "/.git/config"] [unique_id "acIJi8B9-bM6FzkJXagDzwAAAIY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-03-18 03:06:42
(3 months ago)
Blocked by UFW (TCP on 8333)
Source port: 13738
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 13738
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0008) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-03-09 04:14:24
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:14:12.963802 2026] [security2:error] [pid 28080:tid 28080] [client 2a0b:f4c2::8:40178] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||geckoturner.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/dbgeckoturner.sql"] [unique_id "aa5JFMvaV12IS-Q68silqgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-09 01:41:00
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 21:40:55.046118 2026] [security2:error] [pid 21993:tid 21993] [client 2a0b:f4c2::8:15640] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mobileonlinecasinos.co|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobileonlinecasinos.co"] [uri "/casinos_db.sql"] [unique_id "aa4lJ2bU61q4LolD0xL21gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
jjnxpct
2026-03-05 04:50:47
(4 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /hologenpraktijk_db.sql (Rule ID: 920440) - URL file extension is restricted by policy
show less
Web App Attack
SQL Injection
Hacking
๐บ๐ธ
pduggusa
2026-03-01 01:56:26
(4 months ago)
Detected attacking dugganusa.com at 2026-03-01T01:56:26.521Z | Source: DugganUSA PreCog auto-block
Hacking
๐บ๐ธ
pduggusa
2026-03-01 01:15:43
(4 months ago)
Detected attacking dugganusa.com at 2026-03-01T01:15:43.193Z | Source: DugganUSA PreCog auto-block
Hacking
๐บ๐ธ
pduggusa
2026-03-01 00:11:28
(4 months ago)
Detected attacking dugganusa.com at 2026-03-01T00:11:28.547Z | Source: DugganUSA PreCog auto-block
Hacking
๐บ๐ธ
xmission.com
2026-02-17 18:02:32
(4 months ago)
Blocked by UFW (TCP on 8333)
Source port: 55532
Packet length: 80
This report (for 2a0b:f4c2:0000:0 ...
show more
Blocked by UFW (TCP on 8333)
Source port: 55532
Packet length: 80
This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0008) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-02-02 11:48:27
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 06:48:21.375094 2026] [security2:error] [pid 14190:tid 14190] [client 2a0b:f4c2::8:64902] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||roughexports.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "roughexports.com"] [uri "/roughexports_com.sql"] [unique_id "aYCPBRiGgeCRobkPs4SYwQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-01-31 23:00:21
(5 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-30.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-01-26 17:01:39
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 12:01:36.363612 2026] [security2:error] [pid 20646:tid 20646] [client 2a0b:f4c2::8:17074] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.vigants.com"] [uri "/.git/config"] [unique_id "aXed8KzCNjzKr8KBx8SuxwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 00:44:28
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 19:44:22.843214 2026] [security2:error] [pid 3820:tid 3848] [client 2a0b:f4c2::8:55326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.neotienda.com"] [uri "/.git/config"] [unique_id "aXa45kgZYWr_Lgx68n5L5AAAANM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-25 23:35:54
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 18:35:47.601759 2026] [security2:error] [pid 799927:tid 799927] [client 2a0b:f4c2::8:56224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.vccemail.net"] [uri "/.git/config"] [unique_id "aXao04tAyTST_7Kte9Z60QAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-22 17:15:16
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 12:15:12.702835 2026] [security2:error] [pid 31988:tid 31988] [client 2a0b:f4c2::8:18082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.lonb.org"] [uri "/.git/config"] [unique_id "aXJbIOHKUhSOja18F0eCrwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack