๐บ๐ธ
mawan
2026-07-17 16:39:38
(1 day ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 08:32:28
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.127.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.127.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 04:32:13.106412 2026] [security2:error] [pid 6235:tid 6235] [client 172.70.127.74:10853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rcjav.com.lordhari.com"] [uri "/.env.test"] [unique_id "aldFjcDPfYNyyQnFauYU-QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-07-12 00:25:31
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ณ๐ฑ
wolfemium
2026-06-13 18:30:45
(1 month ago)
172.70.127.74 - - [13/Jun/2026:21:27:22 +0300] "GET /122.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 ...
show more
172.70.127.74 - - [13/Jun/2026:21:27:22 +0300] "GET /122.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [13/Jun/2026:21:30:43 +0300] "GET /bb.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [13/Jun/2026:21:30:44 +0300] "GET /eee.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [13/Jun/2026:21:30:44 +0300] "GET /5BltUjE9CrY.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [13/Jun/2026:21:30:44 +0300] "GET /file25.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [13/Jun/2026:21:30:44 +0300] "GET /hg.php HTTP/1.1" 502 150 "-" "-"
...
show less
DDoS Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-09 11:48:57
(1 month ago)
172.70.127.74 - - [09/Jun/2026:14:48:56 +0300] "GET //wp-includes/js/jquery/ HTTP/1.1" 301 162 "-" " ...
show more
172.70.127.74 - - [09/Jun/2026:14:48:56 +0300] "GET //wp-includes/js/jquery/ HTTP/1.1" 301 162 "-" "-"
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
wolfemium
2026-05-31 19:13:04
(1 month ago)
172.70.127.74 - - [31/May/2026:22:13:04 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ...
show more
172.70.127.74 - - [31/May/2026:22:13:04 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [31/May/2026:22:13:04 +0300] "GET /md5.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [31/May/2026:22:13:04 +0300] "GET /lock360.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [31/May/2026:22:13:04 +0300] "GET /waq.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [31/May/2026:22:13:04 +0300] "GET /garcoy.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [31/May/2026:22:13:04 +0300] "GET /sf.php HTTP/1.1" 502 150 "-" "-"
...
show less
DDoS Attack
๐ณ๐ฑ
wolfemium
2026-05-06 23:26:20
(2 months ago)
172.70.127.74 - - [07/May/2026:02:26:18 +0300] "GET /zoper1.php HTTP/1.1" 502 150 "-" "-"
172.70.127 ...
show more
172.70.127.74 - - [07/May/2026:02:26:18 +0300] "GET /zoper1.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [07/May/2026:02:26:19 +0300] "GET /a5.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [07/May/2026:02:26:19 +0300] "GET /ai.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [07/May/2026:02:26:19 +0300] "GET /jga.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [07/May/2026:02:26:19 +0300] "GET /term.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [07/May/2026:02:26:19 +0300] "GET /gk.php HTTP/1.1" 502 150 "-" "-"
...
show less
DDoS Attack
๐ง๐พ
lns.bz
2026-04-20 06:25:26
(2 months ago)
Too many 404 requests [BY]
Web App Attack
๐ณ๐ฑ
wolfemium
2026-03-29 16:09:02
(3 months ago)
172.70.127.74 - - [29/Mar/2026:19:09:01 +0300] "GET /ca4.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 ...
show more
172.70.127.74 - - [29/Mar/2026:19:09:01 +0300] "GET /ca4.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [29/Mar/2026:19:09:01 +0300] "GET /nz.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [29/Mar/2026:19:09:01 +0300] "GET /bnn_.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [29/Mar/2026:19:09:01 +0300] "GET /anz.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [29/Mar/2026:19:09:01 +0300] "GET /wen.php HTTP/1.1" 502 150 "-" "-"
172.70.127.74 - - [29/Mar/2026:19:09:01 +0300] "GET /file66.php HTTP/1.1" 502 150 "-" "-"
...
show less
DDoS Attack
๐ฌ๐ง
pinguin
2025-09-21 12:36:27
(9 months ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฌ๐ง
pinguin
2025-08-08 15:38:26
(11 months ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:59.0) Gecko/20100101 Firefox/59.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-05-02 15:02:37
(1 year ago)
Port probe to tcp/8443
[srv125]
Port Scan
๐บ๐ธ
TPI-Abuse
2025-05-01 03:04:17
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 172.70.127.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.127.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 23:04:12.132510 2025] [security2:error] [pid 13796:tid 13796] [client 172.70.127.74:59964] [client 172.70.127.74] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.swarnar.com|F|2"] [data ".dawn.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.swarnar.com"] [uri "/www.dawn.com"] [unique_id "aBLkrP45VFMD57ckfTudNQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-04-06 23:42:45
(1 year ago)
Port probe to tcp/443 (https)
[srv125]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-03-28 13:26:23
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force