๐ฌ๐ง
Mendip_Defender
2026-07-06 22:51:48
(1 day ago)
144.217.135.243 - - [06/Jul/2026:23:51:31 +0100] "GET /robots.txt HTTP/1.1" 404 4929 "-" "Mozilla/5. ...
show more
144.217.135.243 - - [06/Jul/2026:23:51:31 +0100] "GET /robots.txt HTTP/1.1" 404 4929 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
144.217.135.243 - - [06/Jul/2026:23:51:38 +0100] "GET /ads.txt HTTP/1.1" 404 4929 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
144.217.135.243 - - [06/Jul/2026:23:51:39 +0100] "GET /llms.txt HTTP/1.1" 404 4929 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
...
show less
Hacking
Web App Attack
๐ฌ๐ง
Oakley
2026-07-05 20:56:31
(2 days ago)
(antiscrape_rule) Web application abuse detected 144.217.135.243 (CA/Canada/crawl-144-217-135-243.da ...
show more
(antiscrape_rule) Web application abuse detected 144.217.135.243 (CA/Canada/crawl-144-217-135-243.dataproviderbot.com): 5 in the last 900 secs
show less
Hacking
๐ฌ๐ง
Mendip_Defender
2026-07-02 19:05:15
(5 days ago)
144.217.135.243 - - [02/Jul/2026:20:05:06 +0100] "GET /ads.txt HTTP/1.1" 404 51186 "-" "Mozilla/5.0 ...
show more
144.217.135.243 - - [02/Jul/2026:20:05:06 +0100] "GET /ads.txt HTTP/1.1" 404 51186 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
144.217.135.243 - - [02/Jul/2026:20:05:06 +0100] "GET /security.txt HTTP/1.1" 404 51186 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
144.217.135.243 - - [02/Jul/2026:20:05:06 +0100] "GET /.well-known/security.txt HTTP/1.1" 404 51186 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
cwytech
2026-06-28 16:10:10
(1 week ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/tpot-web-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-25 06:29:44
(4 months ago)
(mod_security) mod_security (id:243420) triggered by 144.217.135.243 (crawl-144-217-135-243.dataprov ...
show more
(mod_security) mod_security (id:243420) triggered by 144.217.135.243 (crawl-144-217-135-243.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 01:29:39.043355 2026] [security2:error] [pid 26036:tid 26036] [client 144.217.135.243:54183] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.circleway.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.circleway.org"] [uri "/contact.html"] [unique_id "aZ6W0ztjxOg4f-VS7KWiGgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-16 08:05:32
(4 months ago)
(mod_security) mod_security (id:243420) triggered by 144.217.135.243 (crawl-144-217-135-243.dataprov ...
show more
(mod_security) mod_security (id:243420) triggered by 144.217.135.243 (crawl-144-217-135-243.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 16 03:05:27.775329 2026] [security2:error] [pid 3363426:tid 3363426] [client 144.217.135.243:47389] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6649"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.kellymalone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.kellymalone.com"] [uri "/kellymalone%20demo/contact_kelly.htm"] [unique_id "aZLPx2dhuhnr89DAOHJJVgAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2025-11-02 08:38:37
(8 months ago)
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2025-11-02 02:00:40
(8 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-10-28 20:21:38
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 144.217.135.243 (crawl-144-217-135-243.dataprov ...
show more
(mod_security) mod_security (id:210730) triggered by 144.217.135.243 (crawl-144-217-135-243.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 16:21:33.633149 2025] [security2:error] [pid 22994:tid 22994] [client 144.217.135.243:42563] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.andiamorun.com|F|2"] [data ".wearevolume.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.andiamorun.com"] [uri "/www.wearevolume.com"] [unique_id "aQElzfJJDrSe1eFTe6MbtQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-10-27 22:54:14
(8 months ago)
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/144.217.135.243
2025-10-27 2 ...
show more
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/144.217.135.243
2025-10-27 23:23:28 /
show less
Web App Attack
๐บ๐ธ
Hazael
2025-10-04 09:49:20
(9 months ago)
SNOOPING - intended to probe for or exploit website vulnerabilities. From: Beauharnois, Canada - OVH ...
show more
SNOOPING - intended to probe for or exploit website vulnerabilities. From: Beauharnois, Canada - OVH Hosting (AS16276 OVH SAS) - Agent: Mozilla/5.0 (compatible; Dataprovider.com)
show less
Web App Attack
๐ต๐ฑ
sefinek.net
2025-09-17 21:04:47
(9 months ago)
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Linux; Android 10; SM-G981B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2025-09-15 22:05:51
(9 months ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-08-23 05:12:54
(10 months ago)
(mod_security) mod_security (id:243420) triggered by 144.217.135.243 (crawl-144-217-135-243.dataprov ...
show more
(mod_security) mod_security (id:243420) triggered by 144.217.135.243 (crawl-144-217-135-243.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 23 01:12:50.933063 2025] [security2:error] [pid 14429:tid 14429] [client 144.217.135.243:56459] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||burke698.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "burke698.org"] [uri "/links.html"] [unique_id "aKlN0n1FDi7Di7P4IQwnKgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-08-21 13:47:01
(10 months ago)
Domain : tjitskewiersma.nl
Rule : config
2025-08-21 13:46:22 136.144.178.176 GET /.well-known/securi ...
show more
Domain : tjitskewiersma.nl
Rule : config
2025-08-21 13:46:22 136.144.178.176 GET /.well-known/security.txt - 80 - 144.217.135.243 HTTP/1.1 Mozilla/5.0 (compatible; Dataprovider.com) - www.tjitskewiersma.nl 404 0 2 12771 216 96 - -
show less
Hacking
SQL Injection