๐บ๐ธ
mawan
2026-07-12 20:18:39
(20 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฌ๐ง
pinguin
2026-07-12 02:53:20
(1 day ago)
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /.env
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ช๐ธ
antivoid.xyz
2026-07-11 22:35:35
(1 day ago)
Brute-Force
Web App Attack
๐ฎ๐ฉ
gonet.home
2026-06-27 00:00:17
(2 weeks ago)
Security Event Detected by SOC Gonet: event=alert, hits=1
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-25 01:13:01
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.172.10 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.172.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 21:12:54.430852 2026] [security2:error] [pid 12157:tid 12157] [client 104.23.172.10:13755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgelaceysales.com"] [uri "/.env.backup"] [unique_id "ajyAlsmHqU1Palod0megKgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-24 04:04:14
(2 weeks ago)
104.23.172.10 - - [24/Jun/2026:06:04:12 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 184 " ...
show more
104.23.172.10 - - [24/Jun/2026:06:04:12 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
104.23.172.10 - - [24/Jun/2026:06:04:13 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
104.23.172.10 - - [24/Jun/2026:06:04:13 +0200] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
104.23.172.10 - - [24/Jun/2026:06:04:13 +0200] "GET /news/wp-includes/wlwmanifest.xml HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
104.23.172.10 - - [24/Jun/2026:06:04:13 +0200] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404
...
show less
Brute-Force
Web App Attack
๐ฎ๐ฉ
gonet.home
2026-06-24 01:30:31
(2 weeks ago)
Security Event Detected by SOC Gonet: event=alert, hits=1
Brute-Force
Anonymous
2026-06-14 13:53:24
(4 weeks ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
mawan
2026-06-14 04:13:26
(4 weeks ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 21:53:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.172.10 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.172.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 17:53:51.280825 2026] [security2:error] [pid 1000:tid 1019] [client 104.23.172.10:11300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "condominium-property-management.com.property-management-companies-chicago.com"] [uri "/.git/config"] [unique_id "aic57wml5TJGKg8AKByoTgAAANA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 19:33:30
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.172.10 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.172.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:33:23.355912 2026] [security2:error] [pid 15708:tid 15708] [client 104.23.172.10:9236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.thebestac.com"] [uri "/.git/config"] [unique_id "aicZA7nEoz6B017spTLnZgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-06-01 20:29:19
(1 month ago)
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ณ๐ฑ
homeshowdomain.nl
2026-05-29 22:07:04
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
slay3r9903
2026-05-21 02:37:37
(1 month ago)
Web app scanning
Brute-Force
Port Scan
Anonymous
2026-05-15 06:43:44
(1 month ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack