๐บ๐ธ
ph
2026-07-10 06:33:02
(3 days ago)
Bad web bot attempting to run wp-admin on non-WP site
Hacking
Bad Web Bot
Web App Attack
๐ฆ๐น
nomzamo
2026-06-29 09:40:27
(2 weeks ago)
Fail2Ban reported: nginx-noscript
Brute-Force
Bad Web Bot
๐ฌ๐ง
pinguin
2026-06-20 19:48:00
(3 weeks ago)
Triggered Cloudflare WAF (firewallManaged) from GB.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from GB.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /var/task/next.config.js
UA: curl/8.7.1
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐น๐ท
muratkaya665
2026-06-18 22:18:38
(3 weeks ago)
IPS Attack Blocked by server.mura******.com.tr Fortigate-80E. Attack Name: Atlassian.Server.S.Endpoi ...
show more
IPS Attack Blocked by server.mura******.com.tr Fortigate-80E. Attack Name: Atlassian.Server.S.Endpoint.Information.Disclosure. Dest Port: 80. Service: HTTP. Message: applications3: Atlassian.Server.S.Endpoint.Information.Disclosure.
show less
Hacking
๐ฌ๐ง
pinguin
2026-06-12 01:11:35
(1 month ago)
Triggered Cloudflare WAF (firewallManaged) from GB.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from GB.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /firebase-messaging-sw.js
UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2026-06-11 23:06:29
(1 month ago)
Repeated unauthorized connection attempts to restricted service observed.
Port Scan
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 08:48:52
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:48:39.977363 2026] [security2:error] [pid 13411:tid 13428] [client 141.101.98.167:14197] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||amazinglips.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "amazinglips.com"] [uri "/backup.sql"] [unique_id "agbd50UEM4JlpjNBSoLqmQAAAA4"], referer: https://www.google.com/search?q=amazinglips.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-05-15 00:03:35
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ง
pinguin
2026-05-08 01:08:55
(2 months ago)
Triggered Cloudflare WAF (firewallManaged) from GB.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from GB.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /__env.js
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฌ๐ง
Axel
2026-05-07 08:38:01
(2 months ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Se ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐ณ๐ฑ
ParaBug
2026-04-19 14:01:20
(2 months ago)
141.101.98.167 - - [19/Apr/2026:16:01:19 +0200] "GET /wordpress/wp-admin/setup-config.php HTTP/1.1" ...
show more
141.101.98.167 - - [19/Apr/2026:16:01:19 +0200] "GET /wordpress/wp-admin/setup-config.php HTTP/1.1" 301 523 "-" "http://myviven.com/wordpress/wp-admin/setup-config.php"
...
show less
Phishing
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-09 03:49:19
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 23:49:10.248675 2026] [security2:error] [pid 2578165:tid 2578165] [client 141.101.98.167:10016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testrong.com"] [uri "/.env.backup"] [unique_id "adchtiQYtX1KHkpL4a6ATgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 22:36:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 18:36:39.348207 2026] [security2:error] [pid 2825165:tid 2825165] [client 141.101.98.167:9500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cacs.me"] [uri "/.env.local"] [unique_id "adbYd8aywoCGvDEsXXyhKAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 13:21:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 09:20:57.619817 2026] [security2:error] [pid 2278601:tid 2278601] [client 141.101.98.167:10401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.christiannationalmilitia.com"] [uri "/app/.env"] [unique_id "adZWOVM8REUPKPBuLKQBXAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 13:05:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 09:05:37.625044 2026] [security2:error] [pid 2598632:tid 2598632] [client 141.101.98.167:11092] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beepainless.garyrankin.com"] [uri "/srv/.env"] [unique_id "adZSoafAZDiTezsAXbtIBAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack