๐ฉ๐ช
reznekcs
2026-07-16 05:03:13
(2 days ago)
Blocked by UFW firewall
Brute-Force
๐ฉ๐ช
raph
2026-06-26 22:26:04
(3 weeks ago)
[DOT FILES] crawler *.env*, .git*, .config*, etc.
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-20 19:40:48
(4 weeks ago)
162.158.210.74 - - [20/Jun/2026:22:40:47 +0300] "GET /etc/passwd HTTP/1.1" 404 783 "-" "Mozilla/5.0 ...
show more
162.158.210.74 - - [20/Jun/2026:22:40:47 +0300] "GET /etc/passwd HTTP/1.1" 404 783 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
162.158.210.74 - - [20/Jun/2026:22:40:47 +0300] "GET /etc/passwd HTTP/1.1" 404 783 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฌ๐ง
CrystalMaker
2026-06-18 08:41:31
(1 month ago)
Vulnerability scan - GET /postcss.config.js HTTP/2.0
Hacking
๐ฌ๐ง
pinguin
2026-06-17 00:21:20
(1 month ago)
Triggered Cloudflare WAF (firewallManaged) from BG.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from BG.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /.git/config
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-08 21:00:23
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.210.74 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.210.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 17:00:19.282298 2026] [security2:error] [pid 9898:tid 9898] [client 162.158.210.74:11620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "judysminidonuts.com.pages4you.com"] [uri "/.git/config"] [unique_id "aictY38qXEjirp6og1SpcAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 20:44:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.210.74 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.210.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:44:51.653350 2026] [security2:error] [pid 5322:tid 5322] [client 162.158.210.74:13356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.zmncollection.com"] [uri "/.git/config"] [unique_id "aicpw74gqOmCbpQnp9EjhQAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-06-08 14:10:01
(1 month ago)
Triggered Cloudflare WAF (firewallManaged) from BG.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from BG.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2026-04-14 08:50:04
(3 months ago)
| Multiple common web attacks from same source ip. (multiple servers)
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
Furry Network Services
2026-04-09 01:58:42
(3 months ago)
Blocked by UFW [8080/tcp] | SPT: 9839 | TTL: 51 | LEN: 60 | TOS: 0x00 โข Reported by: github.com/sefi ...
show more
Blocked by UFW [8080/tcp] | SPT: 9839 | TTL: 51 | LEN: 60 | TOS: 0x00 โข Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
Furry Network Services
2026-04-08 01:51:52
(3 months ago)
Blocked by UFW [8080/tcp] | SPT: 11091 | TTL: 52 | LEN: 60 | TOS: 0x00 โข Reported by: github.com/sef ...
show more
Blocked by UFW [8080/tcp] | SPT: 11091 | TTL: 52 | LEN: 60 | TOS: 0x00 โข Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ช๐ธ
el-brujo
2026-02-08 04:55:38
(5 months ago)
08/Feb/2026:05:55:38.446912 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ...
show more
08/Feb/2026:05:55:38.446912 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 162.158.210.74] ModSecurity: Warning. Matched phrase "/webpack.config.js" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /webpack.config.js found within REQUEST_FILENAME: /webpack.config.js"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "warzone.elhacker.net"] [uri "/webpack.config.js"] [unique_id "aYgXStDN7Z85s8iWYHT02QADTig"]
...
show less
Hacking
Web App Attack
๐ช๐ธ
el-brujo
2026-02-01 17:25:22
(5 months ago)
01/Feb/2026:18:25:21.312234 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ...
show more
01/Feb/2026:18:25:21.312234 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 162.158.210.74] ModSecurity: Warning. Matched phrase "/webpack.config.js" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /webpack.config.js found within REQUEST_FILENAME: /webpack.config.js"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "warzone.elhacker.net"] [uri "/webpack.config.js"] [unique_id "aX-MgTnLwnjgYLQwATv4eAAHdgw"]
...
show less
Hacking
Web App Attack
๐ซ๐ฎ
stinpriza
2026-01-21 18:08:35
(5 months ago)
Web App Attack
Web App Attack
๐บ๐ธ
Paschen J Ki
2025-09-27 06:00:59
(9 months ago)
Blocked by UFW [8008/tcp]
Source port: 64796
TTL: 45
Packet length: 60
TOS: 0x00
This report was ge ...
show more
Blocked by UFW [8008/tcp]
Source port: 64796
TTL: 45
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan