๐ฉ๐ช
enjoyably
2026-06-30 22:58:02
(1 hour ago)
This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch
Web App Attack
Anonymous
2026-06-30 21:04:57
(3 hours ago)
"GET /.env HTTP/1.1"
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:54:27
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:54:20.480244 2026] [security2:error] [pid 13262:tid 13262] [client 2602:fa59:10:7ad::1:38526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "celebritybikinigossip.com"] [uri "/.env"] [unique_id "akP0vB-wEsCjU23-5zyP0wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2026-06-30 15:01:23
(9 hours ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (POST method)
Endpoint: /
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-30 12:34:25
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:34:19.550688 2026] [security2:error] [pid 13564:tid 13595] [client 2602:fa59:10:7ad::1:55450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markhoran.pictures"] [uri "/.env"] [unique_id "akO3y-lg8Zx52j5y6fxrugAAAQA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 12:05:09
(12 hours ago)
WAF repeated trigger detected by Fail2Ban
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 11:30:32
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:30:23.934114 2026] [security2:error] [pid 10177:tid 10177] [client 2602:fa59:10:7ad::1:45852] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sharoneternity.seizetheseason.com"] [uri "/.env"] [unique_id "akOoz1WL1dQR4UMZV0AxhAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ฐ
HostingGroup
2026-06-30 11:26:53
(13 hours ago)
Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shiel ...
show more
Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shield. Offenses: 2. First blocked: 2026-06-30.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 09:10:06
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 05:09:59.147225 2026] [security2:error] [pid 22694:tid 22694] [client 2602:fa59:10:7ad::1:44038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "srossi.net"] [uri "/.env.example"] [unique_id "akOH58tuiY9f_TO4mt_mIgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:47:41
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:47:35.055179 2026] [security2:error] [pid 8827:tid 8827] [client 2602:fa59:10:7ad::1:40850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marcosbarraza.net"] [uri "/.env.example"] [unique_id "akOCp7MOBqxJQLwAuR9FOwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 08:23:59
(16 hours ago)
2602:fa59:10:7ad::1 - - [30/Jun/2026:08:23:58 +0000] "GET /.env HTTP/1.1" 403 4199 "-" "Mozilla/5.0 ...
show more
2602:fa59:10:7ad::1 - - [30/Jun/2026:08:23:58 +0000] "GET /.env HTTP/1.1" 403 4199 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 06:52:20
(17 hours ago)
2602:fa59:10:7ad::1 - - [30/Jun/2026:08:52:19 +0200] "GET /.env HTTP/1.1" 403 6963 "-" "Mozilla/5.0 ...
show more
2602:fa59:10:7ad::1 - - [30/Jun/2026:08:52:19 +0200] "GET /.env HTTP/1.1" 403 6963 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:30:16
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:30:10.032519 2026] [security2:error] [pid 30140:tid 30140] [client 2602:fa59:10:7ad::1:55092] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mixmediallc.com"] [uri "/.env"] [unique_id "akNicpZGu5dK0_whHEvm6QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 04:51:41
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:51:37.104268 2026] [security2:error] [pid 20654:tid 20654] [client 2602:fa59:10:7ad::1:34434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.et.lobibilisim.com"] [uri "/.env"] [unique_id "akNLWTqyh6uHVUxxGQKC5gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 04:36:15
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:7ad::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:36:10.395702 2026] [security2:error] [pid 2482:tid 2482] [client 2602:fa59:10:7ad::1:52548] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "discountphotogifts.com"] [uri "/.env"] [unique_id "akNHuuWDwHchWKI9CiX06wAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack