๐บ๐ธ
factor1
2026-07-16 14:58:55
(3 days ago)
Fail2ban at churndash Reports Abuse.
Brute-Force
Web App Attack
๐ซ๐ท
mrcrassi
2026-07-05 20:04:25
(1 week ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/2 (POST method ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/2 (POST method)
Endpoint: /wp-login.php
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-05 00:49:18
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 20:49:10.987247 2026] [security2:error] [pid 18210:tid 18210] [client 209.50.170.120:47919] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||192.64.151.7|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.151.7"] [uri "/000000000000.cfg"] [unique_id "akmqBofpu6vMNIDhaPzmzwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
๐ฉ๐ช
F242
2026-01-30 06:11:26
(5 months ago)
Wordpress Login or XMLRPC abuse
Web App Attack
Anonymous
2025-12-09 09:24:56
(7 months ago)
botnet
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 06:11:19
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:11:07.155548 2025] [security2:error] [pid 10025:tid 10025] [client 209.50.170.120:35185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thenewplace.org"] [uri "/.git/HEAD"] [unique_id "aSVIe1S91qmrTkBXoWSOGgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:57:59
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:57:51.514458 2025] [security2:error] [pid 7752:tid 7752] [client 209.50.170.120:56995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.boederinteriordesign.com"] [uri "/.git/HEAD"] [unique_id "aSUpP6SJ3KiaZ_Y1A-z6KQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:16:57
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:16:51.968884 2025] [security2:error] [pid 16158:tid 16158] [client 209.50.170.120:16427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.makeupbyindi.com"] [uri "/.env"] [unique_id "aSUfo02DS0Foa7DtMQcm1QAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 02:59:33
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:59:25.910263 2025] [security2:error] [pid 12716:tid 12741] [client 209.50.170.120:33677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.spectresails.com"] [uri "/.env"] [unique_id "aSUbjdFyYQkDKh-KlDQfkAAAAI8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 01:00:48
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:00:42.559937 2025] [security2:error] [pid 21236:tid 21236] [client 209.50.170.120:55771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.weirdlovemakers.com"] [uri "/.git/HEAD"] [unique_id "aST_uphXsQbRysm0f-7EXQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 00:14:54
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:14:49.751544 2025] [security2:error] [pid 14542:tid 14542] [client 209.50.170.120:53645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.whswarrior.com"] [uri "/.git/HEAD"] [unique_id "aST0-Xnvu1kMnCtOUhOFgwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 09:21:21
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:21:14.591104 2025] [security2:error] [pid 29366:tid 29366] [client 209.50.170.120:55189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.mchen-arch.com"] [uri "/.svn/wc.db"] [unique_id "aSQjilZcRBuOYTInNHxp9QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:03:35
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:03:30.041351 2025] [security2:error] [pid 4018:tid 4018] [client 209.50.170.120:20713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alknetso.name"] [uri "/.env"] [unique_id "aSQRUkU8i-Hr1Q0iaDxO8QAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 06:36:29
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.170.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:36:25.605730 2025] [security2:error] [pid 8057:tid 8057] [client 209.50.170.120:26433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bigchus.com"] [uri "/.env"] [unique_id "aSP86XSBeszGk6-FuZmZfwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack