๐บ๐ฆ
URAN Publishing Service
2026-05-03 10:07:14
(2 months ago)
172.70.114.6 - - [03/May/2026:13:07:13 +0300] "GET /wp-admin/dofault.php HTTP/1.1" 404 762 "-" "Mozi ...
show more
172.70.114.6 - - [03/May/2026:13:07:13 +0300] "GET /wp-admin/dofault.php HTTP/1.1" 404 762 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.70.114.6 - - [03/May/2026:13:07:14 +0300] "GET /wp-content/themes/theme-check/main.php HTTP/1.1" 404 761 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-04-23 20:26:17
(2 months ago)
172.70.114.6 - - [23/Apr/2026:23:26:02 +0300] "GET /wp-includes/sitemaps/ HTTP/1.1" 404 762 "-" "Moz ...
show more
172.70.114.6 - - [23/Apr/2026:23:26:02 +0300] "GET /wp-includes/sitemaps/ HTTP/1.1" 404 762 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
172.70.114.6 - - [23/Apr/2026:23:26:16 +0300] "GET /wp-includes/PHPMailer/ HTTP/1.1" 404 762 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
...
show less
Web App Attack
๐จ๐ฆ
polycoda
2026-03-31 12:27:19
(3 months ago)
AutoBlock: ๐ฏ Vulnerability Scanner (Non Decay-Based)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 20:43:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 16:43:27.003309 2026] [security2:error] [pid 3760:tid 3760] [client 172.70.114.6:9538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.michaelandkatie.us"] [uri "/site/.env"] [unique_id "acmO78xRTcqsYrWnO05ZuQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 19:54:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 15:54:19.394957 2026] [security2:error] [pid 16351:tid 16351] [client 172.70.114.6:9955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.fruitinthedesert.com"] [uri "/.env.docker"] [unique_id "acmDa_UfbRFriRnTnUjh7gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 08:09:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 04:09:28.848126 2026] [security2:error] [pid 3876:tid 3876] [client 172.70.114.6:11841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.forwardti.com"] [uri "/.env.php"] [unique_id "ab0AuDYxfCJMMasuSYvcCAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 05:00:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:59:54.864742 2026] [security2:error] [pid 11601:tid 11601] [client 172.70.114.6:13463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.friendlyfarmforfun.com"] [uri "/.env.production.local"] [unique_id "abzUSl4IimALSuk4-Jw4zwAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 03:56:55
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:56:48.376921 2026] [security2:error] [pid 21191:tid 21191] [client 172.70.114.6:13527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.abuscalledfreedom.com"] [uri "/.env.json"] [unique_id "abzFgCnqyjoZAhKMbNzTTQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 03:40:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:40:10.056794 2026] [security2:error] [pid 16682:tid 16682] [client 172.70.114.6:12699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lopansri.com"] [uri "/.env.tmp"] [unique_id "abzBmh20NfMv-GPY-d-KpwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 02:33:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 22:33:01.062700 2026] [security2:error] [pid 28252:tid 28252] [client 172.70.114.6:12062] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intercite.com"] [uri "/app/.env"] [unique_id "abyx3R-D_wICknmJuD81pAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 01:06:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:06:43.303929 2026] [security2:error] [pid 1334:tid 1334] [client 172.70.114.6:9885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.67ronin.com"] [uri "/.env.container"] [unique_id "abydo-yRS3JnBe-QriwmPQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 00:20:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.114.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 20:20:19.747518 2026] [security2:error] [pid 15334:tid 15334] [client 172.70.114.6:12309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.goldenstatealliance.com"] [uri "/.env2"] [unique_id "abySwzJBNHQIEPuyuoPs7AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2025-12-08 15:44:35
(7 months ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/138.0.7204.156 Mobile/15E148 Safari/604.1
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
mnsf
2025-09-19 03:05:37
(9 months ago)
Login Too Frequent (7)
Brute-Force
Web App Attack
Anonymous
2025-09-06 21:56:11
(10 months ago)
[Sat Sep 06 23:56:10.797933 2025] [authz_core:error] [pid 30532] [client 172.70.114.6:43272] AH01630 ...
show more
[Sat Sep 06 23:56:10.797933 2025] [authz_core:error] [pid 30532] [client 172.70.114.6:43272] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Sep 06 23:56:10.948819 2025] [authz_core:error] [pid 30532] [client 172.70.114.6:43272] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Sep 06 23:56:11.100533 2025] [authz_core:error] [pid 30532] [client 172.70.114.6:43272] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack