๐ง๐ท
Peregrine
2026-07-18 16:21:58
(7 hours ago)
Fail2Ban Jail s2: tomcat-honeypot | Evidence: - 38.180.136.14 - - [18/Jul/2026:13:21:49 -0300] "GET ...
show more
Fail2Ban Jail s2: tomcat-honeypot | Evidence: - 38.180.136.14 - - [18/Jul/2026:13:21:49 -0300] "GET /.env HTTP/1.1" 404 414
show less
Bad Web Bot
Anonymous
2026-07-18 15:31:04
(8 hours ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
Rayulcifer
2026-07-18 15:01:48
(9 hours ago)
38.180.136.14 - - [18/Jul/2026:10:01:47 -0500] "GET /.env HTTP/1.1" 301 489 "-" "Mozilla/5.0 (Macint ...
show more
38.180.136.14 - - [18/Jul/2026:10:01:47 -0500] "GET /.env HTTP/1.1" 301 489 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Open Proxy
Port Scan
Hacking
Web App Attack
SSH
Anonymous
2026-07-18 07:15:51
(17 hours ago)
38.180.136.14 - - [18/Jul/2026:07:15:51 +0000] "GET /.env HTTP/1.1" 301 588 "-" "Mozilla/5.0 (Macint ...
show more
38.180.136.14 - - [18/Jul/2026:07:15:51 +0000] "GET /.env HTTP/1.1" 301 588 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Brute-Force
Web App Attack
๐ฎ๐ฉ
penjaga BRIN
2026-07-18 07:09:15
(17 hours ago)
Suspicious malicious activity
Hacking
Anonymous
2026-07-18 06:17:57
(17 hours ago)
38.180.136.14 - - [18/Jul/2026:08:17:56 +0200] "GET /.env HTTP/1.1" 301 585 "-" "Mozilla/5.0 (Macint ...
show more
38.180.136.14 - - [18/Jul/2026:08:17:56 +0200] "GET /.env HTTP/1.1" 301 585 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 05:25:48
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:25:41.640266 2026] [security2:error] [pid 23993:tid 23993] [client 38.180.136.14:56619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goglobex.com"] [uri "/.env"] [unique_id "alsOVTO7AKxZmzQnl3kVUQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 02:34:41
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 22:34:36.744820 2026] [security2:error] [pid 1682351:tid 1682351] [client 38.180.136.14:58754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "footballxp.com"] [uri "/.env"] [unique_id "alrmPKpMnH9Q2HUA_Z70ywAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2026-07-18 01:05:34
(23 hours ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2026-07-18 00:30:01
(23 hours ago)
"GET /.env HTTP/1.1"
Hacking
Web App Attack
๐ฌ๐ง
Oakley
2026-07-17 23:30:58
(1 day ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 14:13:24
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 10:13:19.277875 2026] [security2:error] [pid 814901:tid 814901] [client 38.180.136.14:64317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dmasoftlab.com"] [uri "/.env"] [unique_id "alo4f8SQOC1GRfW5nH5N2QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-07-17 12:08:26
(1 day ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after attack pattern. Vegas Security
Hacking
Brute-Force
๐ญ๐บ
kranem
2026-07-17 12:00:04
(1 day ago)
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 58061 (Scalaxy B.V.)
Protocol: HTTP/1.1 ( ...
show more
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 58061 (Scalaxy B.V.)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
Timestamp: 2026-07-17T11:57:16Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-17 11:31:27
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 38.180.136.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:31:21.228328 2026] [security2:error] [pid 2896:tid 2896] [client 38.180.136.14:59384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atame.com"] [uri "/.env"] [unique_id "aloSiZnj-f4NnDprHlCtQAAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack