๐บ๐ธ
TPI-Abuse
2026-07-15 09:18:32
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 05:18:26.138216 2026] [security2:error] [pid 19556:tid 19556] [client 172.70.127.52:14251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accomplishedmagazine.com"] [uri "/.env.development.local"] [unique_id "aldQYvHAUN8gx1Y7RbtWXwAAADA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-06 06:28:53
(1 week ago)
172.70.127.52 - - [06/Jul/2026:1
...
Brute-Force
๐ฏ๐ต
S.O.B.A. Dev.
2026-01-13 23:47:56
(6 months ago)
Persistent port scanning or vulnerability scanning
Port Scan
Anonymous
2025-10-24 11:17:24
(8 months ago)
[Fri Oct 24 13:17:21.056024 2025] [authz_core:error] [pid 27598] [client 172.70.127.52:12095] AH0163 ...
show more
[Fri Oct 24 13:17:21.056024 2025] [authz_core:error] [pid 27598] [client 172.70.127.52:12095] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Oct 24 13:17:23.211012 2025] [authz_core:error] [pid 27598] [client 172.70.127.52:12095] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Oct 24 13:17:23.928453 2025] [authz_core:error] [pid 27598] [client 172.70.127.52:12095] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2025-10-24 05:40:05
(8 months ago)
[Fri Oct 24 07:40:01.431001 2025] [authz_core:error] [pid 25702] [client 172.70.127.52:11498] AH0163 ...
show more
[Fri Oct 24 07:40:01.431001 2025] [authz_core:error] [pid 25702] [client 172.70.127.52:11498] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Oct 24 07:40:02.660899 2025] [authz_core:error] [pid 25702] [client 172.70.127.52:11498] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Oct 24 07:40:03.795715 2025] [authz_core:error] [pid 25702] [client 172.70.127.52:11498] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐ฌ๐ง
pinguin
2025-09-13 15:39:29
(10 months ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฌ๐ง
pinguin
2025-08-29 16:48:54
(10 months ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2025-07-14 14:06:33
(1 year ago)
Aggressive web scan
Web App Attack
๐ฌ๐ง
pinguin
2025-06-30 07:11:58
(1 year ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-05-14 03:54:27
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 13 23:54:23.563713 2025] [security2:error] [pid 2644596:tid 2644596] [client 172.70.127.52:12984] [client 172.70.127.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tashkentcameri.365soft.top"] [uri "/.git/config"] [unique_id "aCQT74GH7johjTrFBkqHzAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-05-13 22:06:38
(1 year ago)
Port probe to tcp/8080 (http)
[srv125]
Port Scan
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-24 06:04:51
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 24 02:04:44.408351 2025] [security2:error] [pid 21776:tid 21776] [client 172.70.127.52:13170] [client 172.70.127.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "redish.org"] [uri "/.git/config"] [unique_id "Z-D1_F76FcAeOU8p_aeoOAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-03-03 11:00:37
(1 year ago)
Port probe to tcp/80 (http)
[srv125]
Port Scan
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-02-21 09:12:34
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 172.70.127.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 21 04:12:26.384916 2025] [security2:error] [pid 442702:tid 442702] [client 172.70.127.52:31828] [client 172.70.127.52] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.upskirtcrazy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.upskirtcrazy.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z7hDeo5Z9wdSurlMxGR8wwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-02-17 18:36:53
(1 year ago)
Port probe to tcp/443 (https)
[srv125]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack