๐ช๐ธ
librebit
2026-05-15 01:36:47
(1 month ago)
Brute force
Brute-Force
๐ฎ๐ณ
Genhost
2026-05-06 11:57:59
(1 month ago)
SCANNING OF PHP SHELL FILES
Brute-Force
SSH
Anonymous
2026-05-06 02:47:05
(1 month ago)
host-ipset-guard auto-report; server=ns65.kdns.gr; rule=httpd-suspicious-path; count=7/6; duration=7 ...
show more
host-ipset-guard auto-report; server=ns65.kdns.gr; rule=httpd-suspicious-path; count=7/6; duration=72h; scope=ns65.kdns.gr; country=US; sites=prestigepr.gr; samples=http://prestigepr.gr/wp-json/gravitysmtp/v1/tests/mock-data | http://prestigepr.gr/ | http://prestigepr.gr/info.php.bak
show less
Hacking
Web App Attack
Anonymous
2026-03-20 12:19:28
(3 months ago)
Forum/form spam
Web Spam
Anonymous
2025-12-30 20:32:56
(6 months ago)
"GET /.aws/credentials HTTP/1.1"
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 06:02:05
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:02:00.243225 2025] [security2:error] [pid 26686:tid 26686] [client 104.207.39.200:51997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "srosa.com"] [uri "/.svn/wc.db"] [unique_id "aVIZWMVaDz0GkZHl5KWZJAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 04:54:33
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:54:28.915733 2025] [security2:error] [pid 18006:tid 18006] [client 104.207.39.200:60483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lazymanvegan.com"] [uri "/.git/HEAD"] [unique_id "aVIJhGnbdo-zA4cxLBy_ewAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 04:25:42
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:25:36.042860 2025] [security2:error] [pid 19212:tid 19212] [client 104.207.39.200:14869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stringview.com"] [uri "/.svn/wc.db"] [unique_id "aVICwIsLo6CwvtWFqWsnXQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 03:52:43
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:52:37.716578 2025] [security2:error] [pid 11668:tid 11668] [client 104.207.39.200:12401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opticasprisma.com"] [uri "/.svn/wc.db"] [unique_id "aVH7BYNGqVgMtDiTYPdK9AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 03:28:30
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:28:26.414969 2025] [security2:error] [pid 12079:tid 12079] [client 104.207.39.200:57119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riser-astrology.com"] [uri "/.env"] [unique_id "aVH1Wrt9D7pSd_TyTCL0LAAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2025-12-16 00:03:54
(6 months ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /genshin-stella-mod
UA: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2025-11-13 21:42:24
(7 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
๐จ๐ฆ
wil.com
2025-10-29 05:45:01
(8 months ago)
GlobalProtect login attempts with user terraponn.
VPN IP
Brute-Force
๐บ๐ธ
fbarela
2025-10-17 19:01:09
(8 months ago)
FortiGate SSL VPN login failures.
Hacking
Brute-Force
Anonymous
2025-10-16 10:58:00
(8 months ago)
WordPress Brute Force
Brute-Force