๐บ๐ธ
TPI-Abuse
2026-07-15 06:31:50
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 172.71.232.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.232.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 02:29:09.106888 2026] [security2:error] [pid 32636:tid 32636] [client 172.71.232.49:10986] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "golflavahotsprings.com"] [uri "/.env.backup"] [unique_id "alcotbsV8q3DWMGIFBvKlAAAAEo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-07-12 10:26:36
(3 days ago)
[redacted] 172.71.232.49 - - [12/Jul/2026:11:26:35 +0100] "GET /dashboard/[redacted] HTTP/2.0" 301 8 ...
show more
[redacted] 172.71.232.49 - - [12/Jul/2026:11:26:35 +0100] "GET /dashboard/[redacted] HTTP/2.0" 301 88 "-" "curl/8.7.1" [redacted] 172.71.232.49 - - [12/Jul/2026:11:26:35 +0100] "GET /fr/dashboard/[redacted]/ HTTP/2.0" 404 24818 "-" "curl/8.7.1"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 11:20:33
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 172.71.232.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.232.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:20:28.017241 2026] [security2:error] [pid 26688:tid 26827] [client 172.71.232.49:11560] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.woodamy.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.woodamy.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ak4yfA8QMEB_4jQeU_io8QAAARM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-04 21:59:18
(1 week ago)
Auto-ban: >3000 req/min op 2026-07-04
Web App Attack
SSH
Hacking
๐ซ๐ท
Baking333
2026-07-02 04:34:52
(2 weeks ago)
[redacted] 172.71.232.49 - - [02/Jul/2026:05:34:50 +0100] "GET /fr/.[redacted]/ HTTP/2.0" 404 25134 ...
show more
[redacted] 172.71.232.49 - - [02/Jul/2026:05:34:50 +0100] "GET /fr/.[redacted]/ HTTP/2.0" 404 25134 "-" "curl/8.7.1" [redacted] 172.71.232.49 - - [02/Jul/2026:05:34:50 +0100] "GET /.[redacted] HTTP/2.0" 301 83 "-" "curl/8.7.1"
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-06-29 08:23:34
(2 weeks ago)
[redacted] 172.71.232.49 - - [29/Jun/2026:09:23:32 +0100] "GET /.env HTTP/2.0" 301 53 "-" "curl/8.7. ...
show more
[redacted] 172.71.232.49 - - [29/Jun/2026:09:23:32 +0100] "GET /.env HTTP/2.0" 301 53 "-" "curl/8.7.1" [redacted] 172.71.232.49 - - [29/Jun/2026:09:23:33 +0100] "GET /fr/.env/ HTTP/2.0" 404 24822 "-" "curl/8.7.1"
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
acadeova
2026-06-27 07:39:45
(2 weeks ago)
๐จ Recon detected (nft drop)
SRC=172.71.232.49
Observed=TCP dpt=80 in=enp0s6 ttl=58
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=172.71.232.49
Observed=TCP dpt=80 in=enp0s6 ttl=58
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
Anonymous
2026-06-27 02:38:35
(2 weeks ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐ซ๐ท
Baking333
2026-06-26 06:51:17
(2 weeks ago)
[redacted] 172.71.232.49 - - [26/Jun/2026:07:51:15 +0100] "GET /.erp/..env HTTP/2.0" 301 79 "-" "cur ...
show more
[redacted] 172.71.232.49 - - [26/Jun/2026:07:51:15 +0100] "GET /.erp/..env HTTP/2.0" 301 79 "-" "curl/8.7.1" [redacted] 172.71.232.49 - - [26/Jun/2026:07:51:16 +0100] "GET /fr/.erp/..env/ HTTP/2.0" 404 24828 "-" "curl/8.7.1"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 03:05:43
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 12:51:50
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.232.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.232.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:51:42.718718 2026] [security2:error] [pid 18771:tid 18771] [client 172.71.232.49:9631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.exoticcarwrap.com"] [uri "/.git/config"] [unique_id "ai6j3uMfwPMjbg8QO-2cYgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-06-05 20:45:13
(1 month ago)
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /API/constants.js
UA: TLM-Audit-Scanner/1.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
mnsf
2026-06-04 17:05:37
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฏ๐ต
S.O.B.A. Dev.
2026-05-19 08:21:13
(1 month ago)
Persistent port scanning or vulnerability scanning
Port Scan
๐ฉ๐ช
www.mammazone.it
2026-04-30 11:13:03
(2 months ago)
[Thu Apr 30 13:13:02.181989 2026] [access_compat:error] [pid 3353786] [client 172.71.232.49:10692] A ...
show more
[Thu Apr 30 13:13:02.181989 2026] [access_compat:error] [pid 3353786] [client 172.71.232.49:10692] AH01797: client denied by server configuration: /var/www/fabiodirauso.it/next.config.js.bak
...
show less
Hacking
Web App Attack