๐บ๐ธ
TPI-Abuse
2026-04-02 03:53:26
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 23:53:17.425381 2026] [security2:error] [pid 26039:tid 26039] [client 2a0b:f4c2::9:44006] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||atmoorehealthcare.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "atmoorehealthcare.com"] [uri "/atmoorehe.sql"] [unique_id "ac3oLUeUtVT0Gu-vV3R_zwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-22 18:13:43
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 14:13:32.015714 2026] [security2:error] [pid 19641:tid 19641] [client 2a0b:f4c2::9:29198] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||rebelhollowfarm.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rebelhollowfarm.com"] [uri "/lowfarm_com.sql"] [unique_id "acAxTLH8FMXl2ZRm_dYIMQAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-10 04:52:35
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:52:30.099434 2026] [security2:error] [pid 18869:tid 18869] [client 2a0b:f4c2::9:41444] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lkabookkeeping.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lkabookkeeping.com"] [uri "/ookkeeping_prod.sql"] [unique_id "aa-jjjDXK6lIXpcN_QmuhwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-09 04:14:23
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:14:14.717651 2026] [security2:error] [pid 25536:tid 25536] [client 2a0b:f4c2::9:12434] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||geckoturner.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/rner_db.sql"] [unique_id "aa5JFoc2yCCn17aMZqNLFAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
jjnxpct
2026-03-05 04:50:55
(4 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /berpsychologenpraktijk_prod.sql (Rule ID: 920440) - URL file extension is restricted by policy
show less
Web App Attack
SQL Injection
Hacking
๐บ๐ธ
TPI-Abuse
2026-03-03 19:07:11
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 14:07:00.894216 2026] [security2:error] [pid 666:tid 666] [client 2a0b:f4c2::9:64412] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||sekelconsulting.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sekelconsulting.com"] [uri "/db_g.sql"] [unique_id "aacxVF6DWxF_sylibz8bugAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-02 14:58:27
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 09:58:00.896062 2026] [security2:error] [pid 16297:tid 16297] [client 2a0b:f4c2::9:46206] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.correlationdesign.com"] [uri "/.git/config"] [unique_id "aaWleEs0V0J9hhQ6LIib1QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-27 11:56:02
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 06:55:54.954944 2026] [security2:error] [pid 14922:tid 14922] [client 2a0b:f4c2::9:36122] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.hazelwerner.com"] [uri "/.git/config"] [unique_id "aaGGSkEi-s0G7cDR0RZreQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-02-25 01:45:27
(4 months ago)
Web App Attack Exploid from 2a0b:f4c2::9
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 09:16:03
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 04:15:57.422121 2026] [security2:error] [pid 5344:tid 5344] [client 2a0b:f4c2::9:14860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.med-engineering.com"] [uri "/.git/config"] [unique_id "aZ1sTZdFAU561HSUdMAjeAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 05:39:11
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 00:39:07.700721 2026] [security2:error] [pid 26108:tid 26108] [client 2a0b:f4c2::9:44736] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haroparke.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haroparke.com"] [uri "/dbke.sql"] [unique_id "aZ05e2iwbFiqiV06YEDUZAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
gnom4ik
2026-02-24 03:42:42
(4 months ago)
ban-reviewer auto report; ip=2a0b:f4c2::9; scenario=http:scan; verdict=valid_ban; confidence=0.92; c ...
show more
ban-reviewer auto report; ip=2a0b:f4c2::9; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high
show less
Port Scan
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-02-23 10:22:46
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 05:22:37.715801 2026] [security2:error] [pid 15898:tid 15898] [client 2a0b:f4c2::9:15568] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.czarcrestwesties.com"] [uri "/.git/config"] [unique_id "aZwqbfP3UuJxiMrVTkaRqQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 16:40:06
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 11:39:57.749980 2026] [security2:error] [pid 3524:tid 3524] [client 2a0b:f4c2::9:53754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.visco174.com"] [uri "/.git/config"] [unique_id "aZsxXVtPd_vxWz7AkcQYwwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-18 23:26:18
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 18:26:13.687382 2026] [security2:error] [pid 1616093:tid 1616182] [client 2a0b:f4c2::9:30354] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||teritemme.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "teritemme.com"] [uri "/bck.sql"] [unique_id "aZZKlSipcLn8ciP1Cq62FQAAAgI"]
show less
Brute-Force
Bad Web Bot
Web App Attack