๐ฉ๐ช
strxmpp
2026-06-22 05:07:49
(1 week ago)
172.71.172.57 - - [22/Jun/2026:07:07:48 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 681 " ...
show more
172.71.172.57 - - [22/Jun/2026:07:07:48 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 681 "-" "http://jabberzueri.ch/wp-admin/install.php?step=1"
...
show less
Bad Web Bot
๐ฌ๐ง
pinguin
2026-06-20 19:16:10
(1 week ago)
Triggered Cloudflare WAF (firewallManaged) from DE.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from DE.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
on-com
2026-06-16 02:52:46
(2 weeks ago)
URL scan
Brute-Force
Web App Attack
๐ฉ๐ช
on-com
2026-06-11 18:49:25
(2 weeks ago)
URL scan
Brute-Force
Web App Attack
๐ฉ๐ช
strxmpp
2026-06-09 22:54:19
(3 weeks ago)
172.71.172.57 - - [10/Jun/2026:00:54:19 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 681 " ...
show more
172.71.172.57 - - [10/Jun/2026:00:54:19 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 681 "-" "http://jabberzueri.ch/wp-admin/install.php?step=1"
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-06 17:30:19
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 13:30:14.665907 2026] [security2:error] [pid 27288:tid 27306] [client 172.71.172.57:9956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citystylesseattle.meanmouse.com"] [uri "/.git/config"] [unique_id "aiRZJt80SbaQ97QHutiX_wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 19:45:34
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:45:26.708382 2026] [security2:error] [pid 16187:tid 16187] [client 172.71.172.57:11858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hoofprints.us"] [uri "/.git/config"] [unique_id "aiHV1kp53k_jLoKFUWBvGAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-04 15:03:12
(3 weeks ago)
172.71.172.57 - - [04/Jun/2026:17:03:12 +0200] "GET /.git/config HTTP/2.0" 301 169 "-" "Wget/1.21.3 ...
show more
172.71.172.57 - - [04/Jun/2026:17:03:12 +0200] "GET /.git/config HTTP/2.0" 301 169 "-" "Wget/1.21.3 (linux-gnu)"
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-02 23:01:02
(4 weeks ago)
(mod_security) mod_security (id:949110) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:949110) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 19:00:56.227452 2026] [security2:error] [pid 11093:tid 11093] [client 172.71.172.57:12975] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "theshitmyaisays.com"] [uri "/.git/config"] [unique_id "ah9gqMnT3OGnE9NMb7x6TAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 20:48:35
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 16:48:29.540453 2026] [security2:error] [pid 13065:tid 13065] [client 172.71.172.57:12189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cynosurephotography.com"] [uri "/.git/config"] [unique_id "ah9BnUe1O5UZI1KrI4svSgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 19:01:57
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:01:50.346963 2026] [security2:error] [pid 24098:tid 24098] [client 172.71.172.57:10420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "murciafm.com"] [uri "/.git/config"] [unique_id "ah8onmHGiBVEEgep_HF0QQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 03:05:34
(4 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-05-31 08:22:15
(4 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฆ๐ฑ
router.al
2026-05-29 19:21:11
(1 month ago)
05/29/2026-19:21:11.699179 172.71.172.57 Protocol: 6 ET WEB_SERVER WEB-PHP phpinfo access
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-25 01:55:26
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 21:55:18.621212 2026] [security2:error] [pid 23861:tid 23874] [client 172.71.172.57:12974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eliteproductions.tv"] [uri "/.env"] [unique_id "ahOsBrIbgxKTl7OV0ChgigAAAYU"], referer: https://www.google.com/search?q=eliteproductions.tv
show less
Brute-Force
Bad Web Bot
Web App Attack