πΊπΈ
mawan
2026-07-12 20:19:13
(13 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 17:29:41
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.170.139 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.170.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 13:29:37.702677 2026] [security2:error] [pid 30978:tid 30978] [client 104.23.170.139:11449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "professional-transitions.net.mlappa.net"] [uri "/.env.old"] [unique_id "ajwUAY_dX0sdycITSm1WHAAAACU"], referer: https://www.google.com/search?q=professional-transitions.net.mlappa.net
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-21 05:43:43
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.170.139 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.170.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 01:43:37.607640 2026] [security2:error] [pid 10474:tid 10486] [client 104.23.170.139:10364] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.extrememakeovers.us.aafm.us"] [uri "/.git/HEAD"] [unique_id "ajd6CeboLeHXVeTqClQOGgAAAUo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
srtzero
2026-06-20 16:02:11
(3 weeks ago)
104.23.170.139 - - [20/Jun/2026:18:02:11 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 ...
show more
104.23.170.139 - - [20/Jun/2026:18:02:11 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "-" "http://convergencegaming.net/wp-admin/install.php?step=1"
...
show less
Port Scan
Bad Web Bot
Web App Attack
π·πΊ
DZBOT
2026-06-19 08:19:58
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
π²π½
octageeks.com
2026-06-18 04:16:26
(3 weeks ago)
Wordpress malicious attack:[octawp]
Web App Attack
π©πͺ
srtzero
2026-06-16 20:49:27
(3 weeks ago)
104.23.170.139 - - [16/Jun/2026:22:49:26 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 ...
show more
104.23.170.139 - - [16/Jun/2026:22:49:26 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "-" "http://convergencegaming.net/wp-admin/install.php?step=1"
...
show less
Port Scan
Bad Web Bot
Web App Attack
π¬π§
pinguin
2026-06-16 11:19:06
(3 weeks ago)
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-16 00:08:52
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.170.139 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.170.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 20:08:45.547520 2026] [security2:error] [pid 17502:tid 17502] [client 104.23.170.139:12614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dandksupply.com"] [uri "/.git/config"] [unique_id "ajCUDa_nayIT4jdp2G6vLQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π»π³
cimee
2026-06-13 14:29:41
(4 weeks ago)
This IP accessed the path /.env, which is banned.
Bad Web Bot
Web App Attack
π¬π§
pinguin
2026-06-12 03:08:33
(1 month ago)
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: //cms/wp-includes/wlwmanifest.xml
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2026-06-06 15:45:10
(1 month ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
πΊπΈ
mnsf
2026-06-05 10:07:16
(1 month ago)
Abuse Detected (2)
Brute-Force
Web App Attack
π©πͺ
srtzero
2026-06-03 19:53:28
(1 month ago)
104.23.170.139 - - [03/Jun/2026:21:53:27 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 ...
show more
104.23.170.139 - - [03/Jun/2026:21:53:27 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "-" "http://convergencegaming.net/wp-admin/install.php?step=1"
...
show less
Port Scan
Bad Web Bot
Web App Attack
π·πΊ
Mga Admin
2026-05-30 08:38:31
(1 month ago)
104.23.170.139 - - [30/May/2026:15:38:29 +0700] "GET /.env.backup HTTP/1.1" 404 69 "https://www.goog ...
show more
104.23.170.139 - - [30/May/2026:15:38:29 +0700] "GET /.env.backup HTTP/1.1" 404 69 "https://www.google.com/search?q=phelige.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"
...
show less
Web App Attack