๐ซ๐ท
SpaceHost-Server
2026-06-22 22:31:49
(1 week ago)
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-21 22:29:44
(1 week ago)
Brute-Force
Web App Attack
๐ซ๐ท
mrcrassi
2026-06-21 17:20:36
(1 week ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /.env.example
UA: Mozilla/5.0 (compatible; Bytespider; [email protected] )
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
LRob
2026-06-21 11:00:03
(1 week ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ฉ๐ช
macrob
2026-06-21 07:42:44
(1 week ago)
2026/06/21 07:42:43 [error] 3305992#3305992: *320195163 access forbidden by rule, client: 2a0c:9f00: ...
show more
2026/06/21 07:42:43 [error] 3305992#3305992: *320195163 access forbidden by rule, client: 2a0c:9f00:a000:5b4::1, server: binixo.pl, request: "GET /.aws/credentials HTTP/2.0", host: "binixo.pl"
2026/06/21 07:42:43 [error] 3305992#3305992: *320195163 access forbidden by rule, client: 2a0c:9f00:a000:5b4::1, server: binixo.pl, request: "GET /.env.production HTTP/2.0", host: "binixo.pl"
2026/06/21 07:42:43 [error] 3305988#3305988: *320200478 access forbidden by rule, client: 2a0c:9f00:a000:5b4::1, server: binixo.pl, request: "GET /api/.env HTTP/2.0", host: "binixo.pl"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-21 02:40:51
(1 week ago)
2a0c:9f00:a000:5b4::1 - - [21/Jun/2026:05:40:50 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "CCBot/2 ...
show more
2a0c:9f00:a000:5b4::1 - - [21/Jun/2026:05:40:50 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)"
2a0c:9f00:a000:5b4::1 - - [21/Jun/2026:05:40:50 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 00:55:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 20:55:31.747811 2026] [security2:error] [pid 5532:tid 5532] [client 2a0c:9f00:a000:5b4::1:55150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tradersworldmarket.com"] [uri "/.env.example"] [unique_id "ajc2g4vOVG46opvyxTntUAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Cuteminded
2026-06-20 20:27:27
(1 week ago)
Detected web attack patterns
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 19:17:35
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 15:17:28.188532 2026] [security2:error] [pid 6146:tid 6146] [client 2a0c:9f00:a000:5b4::1:59464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fancyspider.net"] [uri "/api/.env"] [unique_id "ajbnSGyxhhKN8qVdMHDj8wAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 18:50:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 14:50:33.914536 2026] [security2:error] [pid 19114:tid 19114] [client 2a0c:9f00:a000:5b4::1:49376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.connectigramme.com"] [uri "/api/.env"] [unique_id "ajbg-Vy13GFD3QAQuYCplwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
mgarofano80
2026-06-20 15:20:51
(1 week ago)
Brute-Force
Web App Attack
๐ซ๐ท
Baking333
2026-06-20 10:44:25
(1 week ago)
[redacted] 2a0c:9f00:a000:5b4::1 - - [20/Jun/2026:11:44:21 +0100] "GET /.[redacted] HTTP/1.1" 302 15 ...
show more
[redacted] 2a0c:9f00:a000:5b4::1 - - [20/Jun/2026:11:44:21 +0100] "GET /.[redacted] HTTP/1.1" 302 1579 0/75631 "http://[redacted]/.[redacted]" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://[redacted])" [redacted] 2a0c:9f00:a000:5b4::1 - - [20/Jun/2026:11:44:23 +0100] "GET /.aws/credentials HTTP/1.1" 302 1579 0/53171 "http://[redacted]/.aws/credentials" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://[redacted]/perplexity-user"
show less
Bad Web Bot
Web App Attack
๐จ๐ฆ
1gz
2026-06-20 08:25:59
(1 week ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /application.yml
UA: Mozilla/5.0 (compatible; Bytespider; [email protected] )
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-20 05:53:56
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:5b4::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 01:53:49.512074 2026] [security2:error] [pid 2934:tid 2939] [client 2a0c:9f00:a000:5b4::1:41708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "officialseniorworldgolfranking.com"] [uri "/.env.example"] [unique_id "ajYq7e9RyERd5p5fjSj_NwAAAME"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-20 02:19:39
(1 week ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack