๐ซ๐ฎ
as211431.net
2026-07-10 18:33:41
(17 hours ago)
Triggered Cloudflare WAF (linkMaze) from DE.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/1.1 (GE ...
show more
Triggered Cloudflare WAF (linkMaze) from DE.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/1.1 (GET method)
Endpoint: /administrator/components/com_jce/
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
IndigoRidge
2026-07-10 08:25:51
(1 day ago)
172.70.248.107 - - [10/Jul/2026:04:25:08 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5098 "-" "WordPress. ...
show more
172.70.248.107 - - [10/Jul/2026:04:25:08 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5098 "-" "WordPress.com; https://wordpress.com"
172.70.248.107 - - [10/Jul/2026:04:25:19 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5098 "-" "Jetpack/12.1; WordPress/6.2; http://site49510420.com"
172.70.248.107 - - [10/Jul/2026:04:25:29 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5098 "-" "WordPress.com; https://wordpress.com"
172.70.248.107 - - [10/Jul/2026:04:25:40 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5098 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
172.70.248.107 - - [10/Jul/2026:04:25:51 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5098 "-" "Jetpack/13.0; WordPress/6.2; http://site89933440.com"
...
show less
Web App Attack
๐บ๐ธ
mawan
2026-07-01 23:01:52
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ท๐บ
DZBOT
2026-06-22 15:04:24
(2 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 08:36:42
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 04:36:35.735062 2026] [security2:error] [pid 10242:tid 10242] [client 172.70.248.107:12765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luisgtechgroup.com"] [uri "/.git/config"] [unique_id "ajELE5QTpHFyCPo9sdzKzAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
gonet.home
2026-06-14 13:50:06
(3 weeks ago)
Security Event Detected by SOC Gonet: event=alert, hits=2
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-08 20:43:06
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:43:00.475271 2026] [security2:error] [pid 10802:tid 10802] [client 172.70.248.107:10973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosecityexpress.soviaenterprises.com"] [uri "/.git/config"] [unique_id "aicpVOXjngE__luXrvd6IgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 21:55:21
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:55:17.064343 2026] [security2:error] [pid 2806:tid 2806] [client 172.70.248.107:12766] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "morecompound.modelengines.info"] [uri "/.git/config"] [unique_id "aiXoxUl9P6H7pj099iqhxgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 20:17:47
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 16:17:42.033479 2026] [security2:error] [pid 25241:tid 25248] [client 172.70.248.107:9261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "latinofederation.org"] [uri "/.git/config"] [unique_id "aiHdZpKtg5Zu3WFRWKMNRAAAAMI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 18:50:36
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 14:50:33.088689 2026] [security2:error] [pid 906:tid 906] [client 172.70.248.107:10071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "epetsure.co"] [uri "/.git/config"] [unique_id "aiHI-UqhhlX_EQ_Uhv3c7QAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:33:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:33:38.217727 2026] [security2:error] [pid 11915:tid 11939] [client 172.70.248.107:10646] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cocoonprojects.com"] [uri "/.git/config"] [unique_id "ah6xgnYGQ77KXUem0BKKUQAAAFY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-05-21 10:10:51
(1 month ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ท๐บ
DZBOT
2026-05-20 12:20:23
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-17 11:56:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 07:56:17.024720 2026] [security2:error] [pid 5960:tid 5960] [client 172.70.248.107:12735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kaplankrew.com"] [uri "/.env.dev"] [unique_id "agms4bgw9dC67jNiGCv6VwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-05-13 14:33:04
(1 month ago)
172.70.248.107 - - [13/May/2026:
...
Brute-Force