๐ฑ๐ป
garmtech.com
2026-07-15 16:43:19
(41 minutes ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
Anonymous
2026-07-15 13:50:07
(3 hours ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
jsjdmediallc
2026-07-15 11:40:05
(5 hours ago)
Auto-blocked: score 30 (threshold 10). Tier: HIGH. Hits: 4. Flags: env-file. Paths: /sendgrid/.env, ...
show more
Auto-blocked: score 30 (threshold 10). Tier: HIGH. Hits: 4. Flags: env-file. Paths: /sendgrid/.env, /sendgrid/.env, /.env, /.env
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 09:50:46
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.176.129.220 (220.129.176.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.176.129.220 (220.129.176.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 05:50:42.054817 2026] [security2:error] [pid 20719:tid 20719] [client 34.176.129.220:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antitribu.com"] [uri "/.env"] [unique_id "aldX8kipqSQhA6KQBzExLgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
Inartis
2026-07-15 06:24:15
(11 hours ago)
34.176.129.220 - - [15/Jul/2026:06:24:14 +0000] "GET /.env HTTP/1.1" 302 487 "-" "Mozilla/5.0 (X11; ...
show more
34.176.129.220 - - [15/Jul/2026:06:24:14 +0000] "GET /.env HTTP/1.1" 302 487 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ณ
evicky2002
2026-07-15 06:00:00
(11 hours ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐ง๐ท
dominioz
2026-07-15 04:39:33
(12 hours ago)
2026-07-15 04:38:42 GET /.env - - 34.176.129.220 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKi ...
show more
2026-07-15 04:38:42 GET /.env - - 34.176.129.220 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/81.0.4044.129+Safari/537.36 - 301 469
2026-07-15 04:39:04 GET /sendgrid/.env - - 34.176.129.220 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/81.0.4044.129+Safari/537.36 - 301 487
...
show less
Web App Attack
๐ฉ๐ช
Zydzy
2026-07-15 02:41:31
(14 hours ago)
Automated attack detected. Server: 95.140.154.181. Jail: nginx-exploit.
Web App Attack
๐ง๐ท
Halux
2026-07-15 02:09:55
(15 hours ago)
34.176.129.220 Probing protected path or service
Web App Attack
๐ฌ๐ง
consul.to
2026-07-15 01:42:38
(15 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-15 00:58:58
(16 hours ago)
cloudlinux2 fail2ban: 2026-07-15 02:53:44,952 fail2ban.filter [1878]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-15 02:53:44,952 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 45.8.19.181 - 2026-07-15 02:53:44cloudlinux2 fail2ban: 2026-07-15 02:56:04,981 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 216.73.161.72 - 2026-07-15 02:56:03cloudlinux2 fail2ban: 2026-07-15 02:56:08,576 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 216.73.161.72 - 2026-07-15 02:56:07cloudlinux2 fail2ban: 2026-07-15 02:56:04,809 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 173.239.211.152 - 2026-07-15 02:56:03cloudlinux2 fail2ban: 2026-07-15 02:56:33,962 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 142.111.152.198 - 2026-07-15 02:56:32cloudlinux2 fail2ban: 2026-07-15 02:56:56,839 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 45.132.227.47 - 2026-07-15 02:56:56cloudlinux2 fail2ban: 2026-07-15 02:56:56,697 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 172.98.32.51 - 2026-07-15 02:56:56cloudlin
show less
Web App Attack
๐ซ๐ท
โจ
2026-07-15 00:42:17
(16 hours ago)
Domain : buildingsupport.co.uk
Rule : env
2026-07-15 00:39:53 79.171.39.6 GET /sendgrid/.env - 80 - ...
show more
Domain : buildingsupport.co.uk
Rule : env
2026-07-15 00:39:53 79.171.39.6 GET /sendgrid/.env - 80 - 34.176.129.220 HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 - buildingsupport.co.uk 301 0 0 434 248 197 - -
show less
Hacking
SQL Injection
๐ฌ๐ง
pinguin
2026-07-15 00:13:11
(17 hours ago)
Triggered Cloudflare WAF (firewallManaged) from CL.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET meth ...
show more
Triggered Cloudflare WAF (firewallManaged) from CL.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /sendgrid/.env
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-14 22:13:17
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.176.129.220 (220.129.176.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.176.129.220 (220.129.176.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 18:13:11.569250 2026] [security2:error] [pid 19657:tid 19657] [client 34.176.129.220:62301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "unified-dispatch.com"] [uri "/.env"] [unique_id "ala0d9DGBo4TVS2WsT1teQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 21:25:43
(19 hours ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot