๐ฉ๐ช
SMi-Web
2026-07-06 04:29:48
(4 hours ago)
Blocked by firewall on hugin [8443/tcp] | Rule: UFW | SPT: 13150 | TTL: 54 | LEN: 60 | TOS: 0x00 โข R ...
show more
Blocked by firewall on hugin [8443/tcp] | Rule: UFW | SPT: 13150 | TTL: 54 | LEN: 60 | TOS: 0x00 โข Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-21 19:56:16
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:56:09.605326 2026] [security2:error] [pid 15354:tid 15354] [client 162.158.63.128:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.webuildbeaches.com"] [uri "/.git/config"] [unique_id "ajhB2Tof5c_Amk2U3bs2ngAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-06-17 01:22:52
(2 weeks ago)
162.158.63.128 - - [16/Jun/2026:19:22:51 -0600] "GET /xmlrpc.php HTTP/2.0" 405 42 "https://www.googl ...
show more
162.158.63.128 - - [16/Jun/2026:19:22:51 -0600] "GET /xmlrpc.php HTTP/2.0" 405 42 "https://www.google.com/search?q=dooce.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack
Anonymous
2026-06-15 03:15:38
(3 weeks ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-06-08 02:54:15
(4 weeks ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-05-29 08:09:43
(1 month ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 22:02:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 18:02:00.058806 2026] [security2:error] [pid 581:tid 581] [client 162.158.63.128:10113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.agirlwithaguitar.com"] [uri "/.env~"] [unique_id "ab8VWGXtIxrbnc96L16lfwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 09:15:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:15:05.818290 2026] [security2:error] [pid 26558:tid 26558] [client 162.158.63.128:11314] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.comitedelafamille.org"] [uri "/.env.dist"] [unique_id "ab0QGdcVNSAzMQd3XJOc8AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 08:21:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 04:21:34.309468 2026] [security2:error] [pid 29827:tid 29827] [client 162.158.63.128:14004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bacpool.com"] [uri "/admin/.env"] [unique_id "ab0Djg3c1fQExCV0X1MDTAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 07:03:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 03:03:43.566062 2026] [security2:error] [pid 8175:tid 8311] [client 162.158.63.128:9228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.captechinc.com"] [uri "/.env_backup"] [unique_id "abzxT-z6q9QxfeKND3R0cAAAANg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 06:02:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 02:02:26.994538 2026] [security2:error] [pid 649:tid 649] [client 162.158.63.128:11413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.westernmassaa.net"] [uri "/.env.local.backup"] [unique_id "abzi8oKvBzGUgAcs-zExqQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 00:10:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 20:10:48.132111 2026] [security2:error] [pid 27792:tid 27792] [client 162.158.63.128:12132] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.misfitranch.com"] [uri "/.env.test"] [unique_id "abyQiLGDse-mLaPovZnebQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-03-19 23:11:41
(3 months ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-03-19 10:50:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:49:58.497771 2026] [security2:error] [pid 28998:tid 28998] [client 162.158.63.128:9701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aseguratuauto.com"] [uri "/.git/refs/heads/main"] [unique_id "abvU1vL9_FNoitXzY1pPaAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:15:06
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:15:01.503909 2026] [security2:error] [pid 16305:tid 16305] [client 162.158.63.128:12228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carlsvoice.com"] [uri "/.env_backup"] [unique_id "abvMpS7AEtHHvsd3U5OxagAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack