๐บ๐ธ
TPI-Abuse
2025-10-27 13:02:46
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 27 09:02:40.935571 2025] [security2:error] [pid 1718:tid 1718] [client 82.211.8.107:35811] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||renjunews.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "renjunews.com"] [uri "/backup.sql"] [unique_id "aP9tcBnrGdeY-S-QAcYQMQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-24 01:13:35
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 21:13:29.089712 2025] [security2:error] [pid 13760:tid 13760] [client 82.211.8.107:49841] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tomhatcher.us|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tomhatcher.us"] [uri "/backup/localhost.sql"] [unique_id "aPrSuTCu4kKwjN_LZJ1ZBgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-23 22:21:25
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 18:21:20.186806 2025] [security2:error] [pid 3579:tid 3579] [client 82.211.8.107:31951] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||marijuanajoint.com|F|2"] [data ".com.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "marijuanajoint.com"] [uri "/marijuanajoint.com.sql"] [unique_id "aPqqYAY_8JebUy_WnKd6_gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-23 22:03:19
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 18:03:14.075507 2025] [security2:error] [pid 11785:tid 11785] [client 82.211.8.107:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||eddysgroup.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eddysgroup.com"] [uri "/dump.sql"] [unique_id "aPqmIjVZDk4_AjrkG2-vsQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
i-turnradio.nl
2025-10-21 15:33:32
(8 months ago)
2025-10-21 @ 17:33:32 (CET) ~ Blocked based on risk assessment and prior abuse reports
Web App Attack
๐ฎ๐ฉ
Burayot
2025-10-17 19:03:25
(8 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 82.211.8.107 (DE/Germany/-): 2 in th ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 82.211.8.107 (DE/Germany/-): 2 in the last 3600 secs
show less
Web App Attack
Anonymous
2025-10-17 18:33:25
(8 months ago)
wordpress-trap
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-17 00:08:19
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 20:08:13.490066 2025] [security2:error] [pid 22223:tid 22223] [client 82.211.8.107:51897] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||macro-astrology.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "macro-astrology.com"] [uri "/site-backup.sql"] [unique_id "aPGI7UXdLETZNKPLmBnf1AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-13 10:34:02
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 13 06:33:54.770460 2025] [security2:error] [pid 1316:tid 1316] [client 82.211.8.107:35491] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||sharawi-gum.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sharawi-gum.com"] [uri "/wp-content/backup/backups.sql"] [unique_id "aOzVkrayYkvlhK-TnQelAwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-13 01:18:09
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 12 21:18:02.241261 2025] [security2:error] [pid 7937:tid 7937] [client 82.211.8.107:47241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||oshadega.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "oshadega.com"] [uri "/backup-site.sql"] [unique_id "aOxTSkJEPGaPlZK-ZMKI0AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2025-10-12 13:23:35
(8 months ago)
22 attempts against mh_ha-misbehave-ban on iron
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-07 15:28:07
(8 months ago)
wordpress-trap
Web App Attack
๐ฉ๐ช
FeG Deutschland
2025-10-05 13:59:52
(8 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฎ๐ฉ
Burayot
2025-10-04 21:29:15
(8 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 82.211.8.107 (DE/Germany/-): 1 in t ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 82.211.8.107 (DE/Germany/-): 1 in the last 3600 secs
show less
Web App Attack
Anonymous
2025-10-03 16:31:09
(8 months ago)
Failed login attempt detected by Fail2Ban in recidive jail
Brute-Force