๐บ๐ธ
mawan
2026-07-08 06:08:46
(14 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ท๐บ
DZBOT
2026-07-07 21:43:29
(23 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-06-10 01:23:19
(4 weeks ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-06-07 19:58:53
(1 month ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ฌ๐ง
pinguin
2026-06-04 05:48:58
(1 month ago)
Triggered Cloudflare WAF (firewallManaged) from DE.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from DE.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (l9scan/2.0.8393e26323e28313e2430313; +https://leakix.net)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-02 13:08:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:08:26.151699 2026] [security2:error] [pid 4850:tid 4850] [client 172.70.240.56:10985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jemsfood.com"] [uri "/.git/config"] [unique_id "ah7Vyo73P7jShOpuUFN2yAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 12:05:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 08:05:12.551120 2026] [security2:error] [pid 25517:tid 25517] [client 172.70.240.56:9423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "genevainvestors.com"] [uri "/.git/config"] [unique_id "ah7G-NYU5HyA01W483S_NgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:35:40
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:35:35.879333 2026] [security2:error] [pid 22174:tid 22174] [client 172.70.240.56:10527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "colorwize.com"] [uri "/.git/config"] [unique_id "ah6x948blGVBpxQ7k1NEEgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 10:05:37
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:01:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:01:09.523807 2026] [security2:error] [pid 27761:tid 27761] [client 172.70.240.56:11787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brunerpamela.com"] [uri "/.git/config"] [unique_id "ah6p5feaHUxXNgx4Gx2cGwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 09:10:59
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:10:51.593768 2026] [security2:error] [pid 6367:tid 6367] [client 172.70.240.56:13614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinkycouple4u.com"] [uri "/.git/config"] [unique_id "ah6eG9pYJGueJoo_CbzDHgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-01 20:41:30
(1 month ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/install.php
Web App Attack
Anonymous
2026-05-29 20:12:44
(1 month ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-05-26 05:07:11
(1 month ago)
(mod_security) mod_security (id:949110) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:949110) triggered by 172.70.240.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 01:07:01.819444 2026] [security2:error] [pid 19995:tid 19995] [client 172.70.240.56:10514] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "euro-theatre.com"] [uri "/.env.backup"] [unique_id "ahUqdTGWX_FJQ1anORQ4UQAAAAY"], referer: https://www.google.com/search?q=euro-theatre.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mutebot.net
2026-05-22 00:00:48
(1 month ago)
SRC=172.70.240.56, PROTO=TCP, SPT=12713, DPT=2087
SRC=172.70.240.56, PROTO=TCP, SPT=12713, DPT=2087
...
show more
SRC=172.70.240.56, PROTO=TCP, SPT=12713, DPT=2087
SRC=172.70.240.56, PROTO=TCP, SPT=12713, DPT=2087
SRC=172.70.240.56, PROTO=TCP, SPT=12713, DPT=2087
SRC=172.70.240.56, PROTO=TCP, SPT=12713, DPT=2087
SRC=172.70.240.56, PROTO=TCP, SPT=12713, DPT=2087
show less
Port Scan