๐ฆ๐บ
MAGIC
2026-07-04 00:01:22
(6 days ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฉ๐ช
ketovoila.pl
2026-07-03 22:57:33
(6 days ago)
ketovoila.pl IP/proxy endpoint probing: hits=1; unique_paths=1; sample_paths=/ip; UA="Mozilla/5.0 (M ...
show more
ketovoila.pl IP/proxy endpoint probing: hits=1; unique_paths=1; sample_paths=/ip; UA="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"; window=2026-07-03T22:57:33Z..2026-07-03T22:57:33Z
show less
Web App Attack
๐บ๐ธ
johnkarlhill
2026-07-03 03:30:07
(1 week ago)
WebKnight blocked malicious web request on johnkarlhill.com
Brute-Force
SSH
๐บ๐ธ
rsa
2026-07-02 19:43:00
(1 week ago)
GET /ip HTTP/1.1
DDoS Attack
Web App Attack
๐ซ๐ท
bigorre.org
2026-06-27 11:17:54
(1 week ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐ต๐ฑ
sefinek.net
2026-06-21 19:24:42
(2 weeks ago)
Triggered Cloudflare WAF (firewallCustom) from HK.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from HK.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /ip | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฆ๐บ
paulshipley.com.au
2026-06-20 11:26:46
(2 weeks ago)
paulshipley.id.au:443 43.132.183.242 - - [20/Jun/2026:21:26:43 +1000] "GET /ip HTTP/1.1" 404 81669 " ...
show more
paulshipley.id.au:443 43.132.183.242 - - [20/Jun/2026:21:26:43 +1000] "GET /ip HTTP/1.1" 404 81669 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 07:46:35
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 43.132.183.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 43.132.183.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:46:27.407490 2026] [security2:error] [pid 12744:tid 12744] [client 43.132.183.242:56222] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.raintechgutters.com|F|2"] [data ".raintechgutters.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.raintechgutters.com"] [uri "/local-gutter-services-orlando/www.raintechgutters.com"] [unique_id "ajD_U_LxRJhytagfqKX0ogAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 18:57:19
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 43.132.183.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 43.132.183.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:57:13.453511 2026] [security2:error] [pid 7837:tid 7837] [client 43.132.183.242:55230] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nrvoutdoors.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nrvoutdoors.com"] [uri "/SNOWDOE/Thumbs.db"] [unique_id "ai2oCe1mni0Z_JxQMS91xgAAAAE"], referer: http://nrvoutdoors.com/SNOWDOE/Thumbs.db
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
afleventoffice.com.au
2026-06-08 22:20:58
(1 month ago)
GET /ip HTTP/1.1
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-08 12:19:15
(1 month ago)
angleseaarthouse.com.au:443 43.132.183.242 - - [08/Jun/2026:22:19:12 +1000] "GET /ip HTTP/1.1" 404 7 ...
show more
angleseaarthouse.com.au:443 43.132.183.242 - - [08/Jun/2026:22:19:12 +1000] "GET /ip HTTP/1.1" 404 73734 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐จ๐ญ
backslash
2026-06-03 12:21:02
(1 month ago)
block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-31 20:49:42
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 43.132.183.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 43.132.183.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 16:49:39.201080 2026] [security2:error] [pid 12717:tid 12717] [client 43.132.183.242:51044] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||rddeckerphotography.com|F|2"] [data ".revbonnieweddings.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rddeckerphotography.com"] [uri "/blog/index.php/author/admin/page/13/www.revbonnieweddings.com"] [unique_id "ahye4zQKtTF-v1vQbBuqmgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-05-24 02:44:23
(1 month ago)
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
Bad Web Bot
Web App Attack
Anonymous
2026-05-22 21:38:17
(1 month ago)
Malicious activity detected
Hacking
Web App Attack