๐ฉ๐ช
YF
2026-07-03 06:00:10
(26 minutes ago)
WordPress config file probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 05:53:09
(34 minutes ago)
(mod_security) mod_security (id:210492) triggered by 2400:6180:0:d2::5689:0 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:6180:0:d2::5689:0 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:53:04.958316 2026] [security2:error] [pid 1809:tid 1809] [client 2400:6180:0:d2::5689:0:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.grainavi.com"] [uri "/.env"] [unique_id "akdOQKNTJxG--R93vFykAwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-07-02 22:13:59
(8 hours ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env.production
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 21:45:07
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 2400:6180:0:d2::5689:0 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:6180:0:d2::5689:0 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:45:01.321473 2026] [security2:error] [pid 11907:tid 12003] [client 2400:6180:0:d2::5689:0:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.humanet.io"] [uri "/.env.local"] [unique_id "akbb3ThfOYcyDf64XWEYawAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-02 21:44:39
(8 hours ago)
Excessive multi-domain requests
Brute-Force
๐ซ๐ท
ELYAZ
2026-07-02 20:41:35
(9 hours ago)
(y3) Failed access -byebye- from 2400:6180:0:d2::5689:0 (Unknown): (CF_ENABLE)
Hacking
๐ฉ๐ช
dispaisyenterprises
2026-07-02 17:40:43
(12 hours ago)
Triggered Cloudflare WAF (firewallManaged) from SG.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpo ...
show more
Triggered Cloudflare WAF (firewallManaged) from SG.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoint: /wp-config.php~ | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran) โข Reported by DisPaisy Enterprises (dispaisy.systems)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 17:33:56
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 2400:6180:0:d2::5689:0 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:6180:0:d2::5689:0 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 13:33:48.767531 2026] [security2:error] [pid 31649:tid 31649] [client 2400:6180:0:d2::5689:0:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.c2cservices.com"] [uri "/backups/.env"] [unique_id "akag_PR8FpAcsYV9y67SzgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 16:19:27
(14 hours ago)
[03/Jul/2026:02:19:26 +1000] "GET /config HTTP/1.1" 301 287 "Mozilla/5.0 (Windows NT 10.0; Win64; x6 ...
show more
[03/Jul/2026:02:19:26 +1000] "GET /config HTTP/1.1" 301 287 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
show less
Hacking
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-02 15:37:27
(14 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-02 11:30:05
(18 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-02 07:07:30
(23 hours ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
Charlesiv
2026-07-02 06:02:31
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
ASN: 14061 (DigitalOcean, LLC ...
show more
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
ASN: 14061 (DigitalOcean, LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env.test
Timestamp: 2026-07-02T04:51:26Z
Ray ID: a14b090db9185fe1
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
show less
Bad Web Bot
๐บ๐ธ
antlac1
2026-07-02 05:51:48
(1 day ago)
crowdsecurity/http-sensitive-files
Brute-Force
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-02 04:04:33
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack