๐ฉ๐ช
www.mammazone.it
2026-07-13 19:03:21
(11 hours ago)
[Mon Jul 13 20:51:15.330569 2026] [access_compat:error] [pid 2483944] [client 172.71.127.152:10860] ...
show more
[Mon Jul 13 20:51:15.330569 2026] [access_compat:error] [pid 2483944] [client 172.71.127.152:10860] AH01797: client denied by server configuration: /var/www/fabiodirauso.it/web.config
[Mon Jul 13 21:03:21.396413 2026] [access_compat:error] [pid 2483967] [client 172.71.127.152:11500] AH01797: client denied by server configuration: /var/www/fabiodirauso.it/.config
...
show less
Hacking
๐ง๐ท
maviei
2026-07-11 22:42:41
(2 days ago)
2026-07-11T19:42:38.863440-03:00 srv1251771 kernel: [38521.653029] [UFW BLOCK] IN=eth0 OUT= MAC=40:e ...
show more
2026-07-11T19:42:38.863440-03:00 srv1251771 kernel: [38521.653029] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.71.127.152 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=43398 DF PROTO=TCP SPT=12005 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0
2026-07-11T19:42:39.917687-03:00 srv1251771 kernel: [38522.707276] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.71.127.152 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=43399 DF PROTO=TCP SPT=12005 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0
2026-07-11T19:42:40.944170-03:00 srv1251771 kernel: [38523.733759] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.71.127.152 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=43400 DF PROTO=TCP SPT=12005 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0
...
show less
Port Scan
๐ง๐พ
lns.bz
2026-07-10 23:17:16
(3 days ago)
Too many 404 requests [BY]
Web App Attack
Anonymous
2026-07-08 00:02:45
(6 days ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
mawan
2026-07-02 20:27:31
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 19:12:15
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.127.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.127.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 15:12:11.622134 2026] [security2:error] [pid 14008:tid 14008] [client 172.71.127.152:9995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web142.dnchosting.com"] [uri "/.git/config"] [unique_id "akFyC_UZgP4Swman8fA43QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-23 14:06:39
(2 weeks ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 16:57:14
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.127.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.127.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 12:57:08.935157 2026] [security2:error] [pid 15143:tid 15226] [client 172.71.127.152:13570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "denverdermatologist.aafm.us"] [uri "/.git/config"] [unique_id "ajQjZDdmOrD_tBCvL1EWmgAAAtQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-17 00:19:14
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฎ๐ฉ
Burayot
2026-06-15 22:49:50
(4 weeks ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 172.71.127.152 (FR/France/-): 1 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 172.71.127.152 (FR/France/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฉ๐ช
www.mammazone.it
2026-05-31 16:14:41
(1 month ago)
[Sun May 31 18:14:41.076150 2026] [access_compat:error] [pid 928816] [client 172.71.127.152:11655] A ...
show more
[Sun May 31 18:14:41.076150 2026] [access_compat:error] [pid 928816] [client 172.71.127.152:11655] AH01797: client denied by server configuration: /var/www/fabiodirauso.it/metrics.conf
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 11:41:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.127.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.127.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 07:41:11.299606 2026] [security2:error] [pid 22517:tid 22517] [client 172.71.127.152:14110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bosdkbook.joepeters.org"] [uri "/.env.save"] [unique_id "agcGV-CrbvugruCU9eejkgAAABk"], referer: https://www.google.com/search?q=www.bosdkbook.joepeters.org
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-05-12 05:18:14
(2 months ago)
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: //site/wp-includes/wlwmanifest.xml
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
abdubhai
2026-03-22 13:20:52
(3 months ago)
172.71.127.152 - - [22/Mar/2026:
...
Brute-Force
๐ซ๐ท
Baking333
2026-03-21 21:30:38
(3 months ago)
[redacted] 172.71.127.152 - - [21/Mar/2026:22:30:35 +0100] "GET /backend/.env HTTP/2.0" 301 203 "-" ...
show more
[redacted] 172.71.127.152 - - [21/Mar/2026:22:30:35 +0100] "GET /backend/.env HTTP/2.0" 301 203 "-" "curl/8.7.1" [redacted] 172.71.127.152 - - [21/Mar/2026:22:30:35 +0100] "GET /fr/backend/.env/ HTTP/2.0" 404 24865 "-" "curl/8.7.1"
show less
Bad Web Bot
Web App Attack