๐บ๐ธ
mawan
2026-07-07 06:01:17
(19 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 19:07:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 15:07:29.951267 2026] [security2:error] [pid 25177:tid 25203] [client 172.71.122.195:12383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magusincognito.com.aafm.us"] [uri "/.git/config"] [unique_id "ajRB8Xnh8CAtewGPnkBp6gAAANc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 00:27:16
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฎ๐ช
eyesilyurt
2025-09-02 19:52:05
(10 months ago)
p- login authenticator failed Incorrect authentication data
Brute-Force
SSH
๐บ๐ธ
mawan
2025-08-10 16:59:21
(10 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2025-07-28 08:47:31
(11 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
creations.works
2025-05-23 04:53:37
(1 year ago)
Blocked by UFW on vds [80/tcp]
Source port: 61624
TTL: 57
Packet length: 60
TOS: 0x00
This report w ...
show more
Blocked by UFW on vds [80/tcp]
Source port: 61624
TTL: 57
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Web App Attack
๐บ๐ธ
creations.works
2025-05-18 07:13:38
(1 year ago)
Blocked by UFW on vds [80/tcp]
Source port: 40526
TTL: 57
Packet length: 60
TOS: 0x00
This report w ...
show more
Blocked by UFW on vds [80/tcp]
Source port: 40526
TTL: 57
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-25 00:44:01
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 24 20:43:53.902468 2025] [security2:error] [pid 11616:tid 11616] [client 172.71.122.195:53316] [client 172.71.122.195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.camel24.cc"] [uri "/dev/.env"] [unique_id "aArayXhGnDPDn8GINx7CCgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-24 07:38:03
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 24 03:37:55.612126 2025] [security2:error] [pid 2748363:tid 2748363] [client 172.71.122.195:33658] [client 172.71.122.195] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ipv6.virtualizecr.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ipv6.virtualizecr.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aAnqU5IK7FBHB5G0UJEMEAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-23 09:31:44
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 23 05:31:38.569854 2025] [security2:error] [pid 4175689:tid 4175689] [client 172.71.122.195:31806] [client 172.71.122.195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easy-byte.net"] [uri "/vendor/.env"] [unique_id "aAizehede1TmF_eviamgrgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-04-15 01:55:05
(1 year ago)
3 port probes: 3x tcp/80 (http)
[srv125]
Port Scan
Bad Web Bot
Web App Attack
Anonymous
2025-04-11 04:46:29
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-04-10 13:09:51
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.122.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 10 09:09:44.357408 2025] [security2:error] [pid 1271169:tid 1271169] [client 172.71.122.195:25826] [client 172.71.122.195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rodrigoaldecoa.com"] [uri "/public/.env"] [unique_id "Z_fDGPci-YgdrmyXmqCRtwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-04-08 19:29:00
(1 year ago)
[Tue Apr 08 21:28:59.787569 2025] [authz_core:error] [pid 16835] [client 172.71.122.195:22038] AH016 ...
show more
[Tue Apr 08 21:28:59.787569 2025] [authz_core:error] [pid 16835] [client 172.71.122.195:22038] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Tue Apr 08 21:28:59.826812 2025] [authz_core:error] [pid 16835] [client 172.71.122.195:22038] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Tue Apr 08 21:28:59.865957 2025] [authz_core:error] [pid 16835] [client 172.71.122.195:22038] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack