๐ง๐ช
cmbplf
2026-07-03 15:03:13
(6 hours ago)
100 requests with url.path *.sql.gz
Brute-Force
Bad Web Bot
๐บ๐ธ
abenage
2026-07-03 11:53:01
(9 hours ago)
45.130.203.165 - - [03/Jul/2026:05:53:00 -0600] "GET /backups/ HTTP/1.1" 404 162 "-" "Jobmaster-Open ...
show more
45.130.203.165 - - [03/Jul/2026:05:53:00 -0600] "GET /backups/ HTTP/1.1" 404 162 "-" "Jobmaster-Opendir/1.0"
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-03 11:20:57
(9 hours ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
๐ซ๐ท
masterguru
2026-07-03 08:13:04
(13 hours ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-193)
show less
Hacking
๐ฉ๐ช
bescared
2026-07-03 08:06:42
(13 hours ago)
F2B - Malicious activity detected. URL Probing. -c0423ad6-
Hacking
Web App Attack
๐ซ๐ท
Guardian
2026-07-01 09:48:07
(2 days ago)
Unauthorized attempt to retrieve configuration file
45.130.203.165 [01/Jul/2026:09:48:06] "GET /.env ...
show more
Unauthorized attempt to retrieve configuration file
45.130.203.165 [01/Jul/2026:09:48:06] "GET /.env HTTP/1.1"
show less
Port Scan
Web App Attack
๐ง๐ช
Saec
2026-07-01 06:15:38
(2 days ago)
Jarvis auto-ban: CF honeypot path /.env (3ร on saec.me)
Port Scan
Web App Attack
๐จ๐ฆ
1gz
2026-06-30 21:42:55
(2 days ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (HEAD ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (HEAD method)
Endpoint: /tmp/app.zip
UA: Jobmaster-Opendir/1.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-30 13:30:58
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 45.130.203.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.203.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:30:51.257400 2026] [security2:error] [pid 1052:tid 1052] [client 45.130.203.165:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dashboard.luisguacache.com|F|2"] [data ".com.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dashboard.luisguacache.com"] [uri "/backups/luisguacache.com.sql"] [unique_id "akPFC6AUmswJlWxXisgRWwAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:03:30
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:03:24.308658 2026] [security2:error] [pid 27334:tid 27334] [client 45.130.203.165:39237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bergopro.co.uk.easternimport.com"] [uri "/.git/HEAD"] [unique_id "akIKrBoMEjJM-SRJ2nsHEwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-28 10:51:15
(5 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฉ๐ช
todix
2026-06-28 07:42:40
(5 days ago)
Web App Attack Exploid from 45.130.203.165
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-06-28 07:39:14
(5 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 05:42:35
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:42:32.127986 2026] [security2:error] [pid 8688:tid 8688] [client 45.130.203.165:29283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agenticapocalypse.com"] [uri "/.env.production"] [unique_id "akC0SDOQUxwuu0bchaS5FQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2026-06-24 21:45:59
(1 week ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/HEAD
UA: Python-urllib/3.10
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot