๐บ๐ธ
TPI-Abuse
2025-09-23 07:35:06
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 23 03:35:00.159524 2025] [security2:error] [pid 2685:tid 2685] [client 2a0b:f4c2::8:17770] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.drgracetomastolentino.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.drgracetomastolentino.com"] [uri "/rgracetomastolentino.sql"] [unique_id "aNJNpJRX--r3vnAD9LdB5gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-22 12:22:00
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 08:21:53.185440 2025] [security2:error] [pid 29513:tid 29513] [client 2a0b:f4c2::8:44422] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ewingmissouri.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ewingmissouri.com"] [uri "/issouri.sql"] [unique_id "aNE_Yc0DbMq1sJSOlVAomgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2025-09-17 02:09:02
(10 months ago)
Triggered Cloudflare WAF (firewallCustom) from T1.
Action taken: BLOCK
Protocol: HTTP/2 (GET method) ...
show more
Triggered Cloudflare WAF (firewallCustom) from T1.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /tools/ip-checker
UA: Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-09-16 05:30:14
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 16 01:30:06.051938 2025] [security2:error] [pid 22656:tid 22656] [client 2a0b:f4c2::8:12070] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||glassclublake.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "glassclublake.com"] [uri "/wp.sql"] [unique_id "aMj13sZ8Ib5hhhkX7obW-wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-12 02:02:40
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 22:02:35.036603 2025] [security2:error] [pid 2576:tid 2576] [client 2a0b:f4c2::8:55496] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.forerunnersjazz.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.forerunnersjazz.org"] [uri "/daily.sql"] [unique_id "aMN_OxCLHqv8Myp9XgceUAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-11 07:29:41
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 03:29:35.322857 2025] [security2:error] [pid 6176:tid 6176] [client 2a0b:f4c2::8:57932] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||eftekharschool.ir|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eftekharschool.ir"] [uri "/tekharschool.sql"] [unique_id "aMJ6X62ct7qOcehvAB_K4AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-07 14:57:40
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 07 10:57:37.337677 2025] [security2:error] [pid 2057492:tid 2057520] [client 2a0b:f4c2::8:4940] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||property-management-companies-chicago.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "property-management-companies-chicago.com"] [uri "/property-management-compa.sql"] [unique_id "aL2dYYLtS2xqImeU77e9MAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-07 13:22:02
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 07 09:21:58.223068 2025] [security2:error] [pid 30419:tid 30419] [client 2a0b:f4c2::8:9938] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opmasterpainter.com"] [uri "/wp-config.php.zip"] [unique_id "aL2G9rVZPCSzlv4mYcxgBwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-04 07:54:59
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 03:54:54.158640 2025] [security2:error] [pid 15984:tid 15984] [client 2a0b:f4c2::8:36634] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "snowrideadventures.com"] [uri "/wp-config.php.zip"] [unique_id "aLlFzs0WWFn1tieC-xv94QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-03 18:04:43
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 03 14:04:38.461041 2025] [security2:error] [pid 26310:tid 26310] [client 2a0b:f4c2::8:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||southernbroadcast.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "southernbroadcast.com"] [uri "/uthernbroadcast.sql"] [unique_id "aLiDNq-YPqufo18TBxDKvwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-03 06:45:56
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 03 02:45:50.487337 2025] [security2:error] [pid 30103:tid 30103] [client 2a0b:f4c2::8:4822] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||sumilondon.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sumilondon.com"] [uri "/backup.sql"] [unique_id "aLfkHhd5zQTVlzMMsltjtgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-03 02:58:42
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 02 22:58:36.480758 2025] [security2:error] [pid 28644:tid 28644] [client 2a0b:f4c2::8:32580] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||integrabroadcast.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "integrabroadcast.com"] [uri "/tegrabroadcast.sql"] [unique_id "aLeu3MrqCsrj8ht-WmDkjwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-03 02:15:46
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 02 22:15:41.871265 2025] [security2:error] [pid 6397:tid 6397] [client 2a0b:f4c2::8:55300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goldenvalley1.com"] [uri "/wp-config.php.zip"] [unique_id "aLekzYppXA7-s5uqX0GTugAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-31 15:04:18
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 11:04:14.731968 2025] [security2:error] [pid 3274:tid 3281] [client 2a0b:f4c2::8:7474] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||guitarprimer.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "guitarprimer.com"] [uri "/rprimer.sql"] [unique_id "aLRkbqJ4LHWQfGcsezjUGAAAAMU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-31 10:16:28
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 06:16:21.809686 2025] [security2:error] [pid 20628:tid 20628] [client 2a0b:f4c2::8:55406] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.michelehoop.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.michelehoop.com"] [uri "/michele.sql"] [unique_id "aLQg9UkKCLLaY66tqwHupQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack