๐ง๐ช
cmbplf
2026-06-24 23:43:01
(6 days ago)
106 requests with url.path *credentials.json
Brute-Force
Bad Web Bot
๐ซ๐ท
Baking333
2026-06-24 23:01:32
(6 days ago)
[redacted] 2a10:4646:190::5824:f38a - - [24/Jun/2026:22:05:39 +0100] "GET / HTTP/1.1" 200 12431 0/58 ...
show more
[redacted] 2a10:4646:190::5824:f38a - - [24/Jun/2026:22:05:39 +0100] "GET / HTTP/1.1" 200 12431 0/58508 "https://[redacted]/.[redacted]" "CCBot/2.0 (https://[redacted]/faq/)" [redacted] 2a10:4646:190::5824:f38a - - [24/Jun/2026:22:05:39 +0100] "GET / HTTP/1.1" 200 7210 0/94898 "https://[redacted]/wp-content/[redacted]" "anthropic-ai"
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-06-24 22:31:46
(6 days ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-24 22:13:36
(6 days ago)
(modsecurity) srv101 ModSecurity 2a10:4646:190::5824:f38a (FR/France/-): 10 in the last 3600 secs; P ...
show more
(modsecurity) srv101 ModSecurity 2a10:4646:190::5824:f38a (FR/France/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ซ๐ท
Baking333
2026-06-24 21:05:38
(6 days ago)
[redacted] 2a10:4646:190::5824:f38a - - [24/Jun/2026:22:05:36 +0100] "GET /wp-content/[redacted] HTT ...
show more
[redacted] 2a10:4646:190::5824:f38a - - [24/Jun/2026:22:05:36 +0100] "GET /wp-content/[redacted] HTTP/1.1" 302 6773 0/131414 "-" "anthropic-ai" [redacted] 2a10:4646:190::5824:f38a - - [24/Jun/2026:22:05:36 +0100] "GET /.[redacted] HTTP/1.1" 302 6773 0/145301 "-" "CCBot/2.0 (https://[redacted]/faq/)"
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-24 19:53:12
(6 days ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ฌ๐ง
venus.launch.bz
2026-06-24 07:09:44
(6 days ago)
(wpscan) WordPress probe detected from 2a10:4646:190::5824:f38a (Unknown)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-24 06:30:38
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 02:30:31.946600 2026] [security2:error] [pid 25064:tid 25064] [client 2a10:4646:190::5824:f38a:33846] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "camouflagebikinis.com"] [uri "/.env"] [unique_id "ajt5h6YuBzFx7bujHae9XgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 04:43:14
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:43:03.718873 2026] [security2:error] [pid 17340:tid 17340] [client 2a10:4646:190::5824:f38a:51696] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "camerongunsmith.com"] [uri "/.git/config"] [unique_id "ajtgVzYuEVs7C9KELETTWQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
slay3r9903
2026-06-24 04:33:58
(1 week ago)
IP address blocked by Cloudflare security rules due to suspicious activity and security violations.
Hacking
Bad Web Bot
๐ง๐ฌ
HighWay
2026-06-24 04:31:27
(1 week ago)
2a10:4646:190::5824:f38a - - [24/Jun/2026:04:31:26 +0000] "GET /robots.txt HTTP/1.1" 404 5620 "-" "M ...
show more
2a10:4646:190::5824:f38a - - [24/Jun/2026:04:31:26 +0000] "GET /robots.txt HTTP/1.1" 404 5620 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)"
2a10:4646:190::5824:f38a - - [24/Jun/2026:04:31:26 +0000] "GET /secrets.yml HTTP/1.1" 404 524 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-06-24 03:39:45
(1 week ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 10. Unique request paths counted internally: 8. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Web App Attack
๐ซ๐ท
mrcrassi
2026-06-24 02:45:55
(1 week ago)
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: BLOCK
Protocol: HTTP/2 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /service-account-key.json
UA: Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-24 01:24:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:24:31.975744 2026] [security2:error] [pid 23079:tid 23079] [client 2a10:4646:190::5824:f38a:45800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "calvetparis.com"] [uri "/.env"] [unique_id "ajsxz7dWyXpExr2D-ieWzwAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 23:21:20
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the la ...
show more
(mod_security) mod_security (id:210730) triggered by 2a10:4646:190::5824:f38a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 19:21:14.458810 2026] [security2:error] [pid 21789:tid 21789] [client 2a10:4646:190::5824:f38a:35424] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||openkiwiai.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "openkiwiai.com"] [uri "/wp-content/debug.log"] [unique_id "ajsU6pPJtIDP6bAbNo9AuwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack