๐ฉ๐ช
Blexyel
2026-06-29 01:04:09
(2 days ago)
172.68.245.224 - - [29/Jun/2026:03:04:08 +0200] "GET /.git/config HTTP/1.1" 200 264 "-" "Mozilla/5.0 ...
show more
172.68.245.224 - - [29/Jun/2026:03:04:08 +0200] "GET /.git/config HTTP/1.1" 200 264 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)" "136.243.2.38"
...
show less
Brute-Force
Web App Attack
๐ฌ๐ง
pinguin
2026-06-24 06:34:47
(1 week ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /env.js
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ณ๐ฑ
homeshowdomain.nl
2026-05-25 22:02:25
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-25
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-25 14:04:10
(1 month ago)
(mod_security) mod_security (id:949110) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 10:04:01.988312 2026] [security2:error] [pid 12412:tid 12412] [client 172.68.245.224:9460] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.tgto.cescfoundation.org"] [uri "/.env.save"] [unique_id "ahRW0Wnn0mWAegVJm9JKXgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 12:14:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 08:14:03.887411 2026] [security2:error] [pid 26368:tid 26368] [client 172.68.245.224:9544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dabovalbb.com"] [uri "/.env.dev"] [unique_id "agcOCzF24pHo_HT4yRCuCgAAABg"], referer: https://www.google.com/search?q=dabovalbb.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-05-15 04:14:24
(1 month ago)
Try to access /.aws/credentials
Web App Attack
๐ฆ๐บ
trentwiles.com
2026-05-10 03:28:33
(1 month ago)
Unauthorized connection attempt detected from IP address 172.68.245.224 to port 80 [SYD]
Port Scan
๐ฌ๐ง
pinguin
2026-04-27 02:17:21
(2 months ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /env.js
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1 Safari/605.1.15
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
mnsf
2026-04-07 18:06:02
(2 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-05 00:05:44
(2 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-02 09:06:38
(2 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-31 01:07:08
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 00:12:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 20:12:44.378998 2026] [security2:error] [pid 22615:tid 22615] [client 172.68.245.224:11499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.3905ccn.us"] [uri "/.envrc"] [unique_id "acsRfHGC_JNqbEchWuUOnQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 18:33:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 14:32:55.453122 2026] [security2:error] [pid 23929:tid 23929] [client 172.68.245.224:10503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.prosucomexico.com"] [uri "/.env_settings"] [unique_id "acrB1-ZcqHNw4KMuvxvqMgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 13:43:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:43:39.514967 2026] [security2:error] [pid 21179:tid 21179] [client 172.68.245.224:13663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.genesis-castle.com"] [uri "/public/.env"] [unique_id "acp-C86mLuJbfK6JYA_qLQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack