๐ซ๐ท
masterguru
2026-07-15 07:08:03
(7 hours ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.39 (US/United States/-): 1 i ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.39 (US/United States/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
EDSL
2026-07-13 06:08:11
(2 days ago)
[mail.edsl.fr] Blocked by SysWarden Firewall (Web Attack)
Web App Attack
Hacking
Port Scan
๐ซ๐ท
mrcrassi
2026-07-12 17:21:16
(2 days ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-12 13:51:05
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 74.7.241.39 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210730) triggered by 74.7.241.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 09:50:59.850988 2026] [security2:error] [pid 22540:tid 22557] [client 74.7.241.39:56432] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dasperformance.com|F|2"] [data ".das performance.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dasperformance.com"] [uri "/the-harley-davidson-twin-cam/W WW.DAS performance.com"] [unique_id "alObw05jORAk66U4mrxDAwAAAEk"], referer: http://dasperformance.com/the-harley-davidson-twin-cam/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Dorian GRANDHAY
2026-07-12 01:14:13
(3 days ago)
(PERMBLOCK) 74.7.241.39 (US/United States/-) has had more than 4 temp blocks in the last 604800 secs ...
show more
(PERMBLOCK) 74.7.241.39 (US/United States/-) has had more than 4 temp blocks in the last 604800 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Port Scan
๐ซ๐ท
masterguru
2026-07-11 23:19:39
(3 days ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.39 (US/United States/-): 1 i ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.39 (US/United States/-): 1 in the last 3600 secs (0-195)
show less
Hacking
Anonymous
2026-07-10 11:43:26
(5 days ago)
Malicious activity detected
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 03:34:25
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 74.7.241.39 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210730) triggered by 74.7.241.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 23:34:18.635661 2026] [security2:error] [pid 28467:tid 28564] [client 74.7.241.39:39856] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.baggymaggy.docdalton.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.baggymaggy.docdalton.com"] [uri "/[email protected] "] [unique_id "alBoOsMo5eHWDcQQ4Y1I5QAAARI"], referer: https://www.baggymaggy.docdalton.com/gallery.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-10 02:00:34
(5 days ago)
WordPress content enumeration
Web App Attack
๐ฌ๐ง
pinguin
2026-07-09 09:17:01
(6 days ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method) ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
masterguru
2026-07-09 08:55:23
(6 days ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.39 (US/United States/-): 1 i ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.39 (US/United States/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ฉ๐ช
grassau.com
2026-07-09 02:43:09
(6 days ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 74.7.241.39 (US/Unit ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 74.7.241.39 (US/United States/Georgia/Atlanta/-)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-08 11:59:10
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 74.7.241.39 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210730) triggered by 74.7.241.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:59:06.511860 2026] [security2:error] [pid 10554:tid 10554] [client 74.7.241.39:59648] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||silkenswift.borzois.com|F|2"] [data ".borzois.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "silkenswift.borzois.com"] [uri "/www.borzois.com"] [unique_id "ak47ip720kPnIu31SEstIwAAAAo"], referer: https://silkenswift.borzois.com/aurora.bio.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
MPL
2026-07-08 01:50:03
(1 week ago)
tcp/443 (4 or more attempts)
Port Scan
๐ฎ๐น
Inartis
2026-07-08 00:42:53
(1 week ago)
74.7.241.39 - - [08/Jul/2026:02:42:52 +0200] "GET /xmlrpc.php HTTP/1.1" 403 566 "https://blog.youpac ...
show more
74.7.241.39 - - [08/Jul/2026:02:42:52 +0200] "GET /xmlrpc.php HTTP/1.1" 403 566 "https://blog.youpackaging.com/prodotti/astuccio-triangolare/" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)"
...
show less
Brute-Force
Bad Web Bot
Web App Attack