๐ณ๐ฑ
homeshowdomain.nl
2026-06-29 22:05:03
(5 days ago)
Auto-ban: >3000 req/min op 2026-06-29
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 14:02:07
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness. ...
show more
(mod_security) mod_security (id:210492) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness.co.ke): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 10:01:59.971381 2026] [security2:error] [pid 25754:tid 25754] [client 41.90.172.132:8433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sweak.com.mrcd.org"] [uri "/.env.production.local"] [unique_id "akJ616W_E9rme6v2AqbSqwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 10:43:50
(5 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฉ๐ช
rh24
2026-06-17 10:04:24
(2 weeks ago)
(wordpress) Failed wordpress login from 41.90.172.132 (KE/Kenya/41-90-172-132.safaricombusiness.co.k ...
show more
(wordpress) Failed wordpress login from 41.90.172.132 (KE/Kenya/41-90-172-132.safaricombusiness.co.ke): (CF_ENABLE)
show less
Brute-Force
๐ซ๐ท
masterguru
2026-06-17 10:03:30
(2 weeks ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-14 19:00:18
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness. ...
show more
(mod_security) mod_security (id:240335) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness.co.ke): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:00:10.960518 2026] [security2:error] [pid 18907:tid 18907] [client 41.90.172.132:8514] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.90.172.132 (+1 hits since last alert)|laecovillage.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "laecovillage.org"] [uri "/xmlrpc.php"] [unique_id "ai76Ony3wPNloge22BdzbgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cybsecaoccol
2026-05-01 12:11:31
(2 months ago)
unauthorized connection or malicious port scan attempted on tcp port - corp
Port Scan
Hacking
๐ณ๐ฑ
Roderic
2026-03-16 06:49:36
(3 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted])
Bad Web Bot
๐ฎ๐ฉ
David Koswari
2026-02-25 04:57:00
(4 months ago)
"REQ_BLOCKED_ACL"
DDoS Attack
FTP Brute-Force
Ping of Death
Port Scan
Hacking
SQL Injection
Spoofing
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
IoT Targeted
Anonymous
2026-02-24 11:38:36
(4 months ago)
Malicious activity
Bad Web Bot
Web App Attack
๐น๐ท
rtbh.com.tr
2026-02-23 00:11:43
(4 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐บ๐ธ
nationaleventpros.com
2026-02-01 16:34:54
(5 months ago)
WordPress login attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-02-01 16:12:59
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness. ...
show more
(mod_security) mod_security (id:225170) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness.co.ke): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 11:12:52.051441 2026] [security2:error] [pid 518251:tid 518251] [client 41.90.172.132:10179] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||billwegener.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "billwegener.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aX97hHSVLXlii9uriuIXHwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-01 15:32:59
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness. ...
show more
(mod_security) mod_security (id:225170) triggered by 41.90.172.132 (41-90-172-132.safaricombusiness.co.ke): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 10:32:51.226464 2026] [security2:error] [pid 27809:tid 27809] [client 41.90.172.132:10200] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||beirutbazar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "beirutbazar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX9yI3xWFph59rMPjwLmrwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-01-17 10:42:42
(5 months ago)
Blocked by UFW (TCP on 23)
Source port: 28718
TTL: 54
Packet length: 60
TOS: 0x00
This report (for ...
show more
Blocked by UFW (TCP on 23)
Source port: 28718
TTL: 54
Packet length: 60
TOS: 0x00
This report (for 41.90.172.132) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Hacking
Brute-Force