๐ฌ๐ง
pinguin
2026-07-12 13:17:46
(2 days ago)
Triggered Cloudflare WAF (firewallManaged) from CA.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from CA.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2026-06-29 14:44:59
(2 weeks ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 21:35:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 17:35:15.902321 2026] [security2:error] [pid 29362:tid 29362] [client 172.69.214.47:10926] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.anxietymd.com"] [uri "/core/.env"] [unique_id "adLVk4r9e3kKXRW-0FPxDAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 23:58:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 19:58:04.464721 2026] [security2:error] [pid 7353:tid 7353] [client 172.69.214.47:10323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.morninginc.com"] [uri "/.git/refs/heads/master"] [unique_id "adGljBDGZ39cSsomi40G5gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 23:03:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 19:03:16.079679 2026] [security2:error] [pid 26643:tid 26643] [client 172.69.214.47:13929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rogerheath.com"] [uri "/public/.env"] [unique_id "adGYtL-68POagk72o5tzQQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 20:04:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 16:04:31.476288 2026] [security2:error] [pid 27531:tid 27531] [client 172.69.214.47:11326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cynosurephotography.pluralmatrix.net"] [uri "/.env.staging"] [unique_id "adFuz1oG-GzNFKrzxgLMNAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 15:01:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 11:01:50.787184 2026] [security2:error] [pid 30828:tid 30828] [client 172.69.214.47:14231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "centralbaptistalcoa.org"] [uri "/.git/refs/heads/main"] [unique_id "adEn3p4YC35A8uM4D5tFZAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 12:19:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 08:19:45.346586 2026] [security2:error] [pid 13186:tid 13186] [client 172.69.214.47:14129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.iplayriichi.com"] [uri "/app/.env"] [unique_id "adEB4VUJrcgmPDphV_Ig7AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 08:07:30
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 04:07:23.990695 2026] [security2:error] [pid 1207:tid 1207] [client 172.69.214.47:12871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.register-yacht-croatia.com"] [uri "/.env.test"] [unique_id "adDGu_7FCVfuLNRWfMPSjQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 05:59:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 01:59:52.623422 2026] [security2:error] [pid 32503:tid 32503] [client 172.69.214.47:11043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wildemar.info"] [uri "/.env.bak"] [unique_id "adCo2FDvz9VrkK37Cp5NkQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 04:43:28
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 00:43:19.434438 2026] [security2:error] [pid 29529:tid 29529] [client 172.69.214.47:12357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.labidl.eckerberg.net"] [uri "/.git/refs/heads/main"] [unique_id "adCW5-hOZw3BZpd13C8lLQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 04:13:23
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 00:13:16.459237 2026] [security2:error] [pid 25837:tid 25837] [client 172.69.214.47:10420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.isjustanasshole.com"] [uri "/.env1"] [unique_id "adCP3KWRRA6r3ddvzYWg_QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 03:55:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 23:55:24.509411 2026] [security2:error] [pid 16653:tid 16653] [client 172.69.214.47:11431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kentculotta.com"] [uri "/.env_backup"] [unique_id "adCLrDx90O9ccXULv4xsAQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 01:19:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 21:19:47.546131 2026] [security2:error] [pid 20400:tid 20400] [client 172.69.214.47:10463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bnaiisraelkearny.com"] [uri "/.env"] [unique_id "adBnM7nqxJrqf0T1T7XC8QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 00:44:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.214.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 20:44:45.507446 2026] [security2:error] [pid 585:tid 585] [client 172.69.214.47:9492] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.davidwoodard.com"] [uri "/docker/.env.local"] [unique_id "adBe_ZtT8wBoaMsL-yltbgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack