π«π·
Guardian
2026-07-01 09:47:58
(17 hours ago)
Unauthorized attempt to retrieve configuration file
45.130.203.176 [01/Jul/2026:09:47:57] "GET /.env ...
show more
Unauthorized attempt to retrieve configuration file
45.130.203.176 [01/Jul/2026:09:47:57] "GET /.env HTTP/1.1"
show less
Port Scan
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 06:23:15
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 02:22:54.661498 2026] [security2:error] [pid 13273:tid 13273] [client 45.130.203.176:26637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jiggajones.indie100.com"] [uri "/.git/HEAD"] [unique_id "akSyPtFOg9x8Rn0vpQEf2AAAAEU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
Saec
2026-07-01 06:15:47
(20 hours ago)
Jarvis auto-ban: CF honeypot path /.env (2Γ on saec.me)
Port Scan
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 01:35:42
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 21:35:36.970603 2026] [security2:error] [pid 32260:tid 32260] [client 45.130.203.176:36039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ustock.app.suffolksystems.com"] [uri "/.git/HEAD"] [unique_id "akRu6JS_eSy5HKxVKJdOAAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
1gz
2026-06-30 21:43:03
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET m ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /bak/orihost.com.zip
UA: Jobmaster-Opendir/1.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-30 13:30:43
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:30:05.931297 2026] [security2:error] [pid 31255:tid 31255] [client 45.130.203.176:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dashboard.luisguacache.com|F|2"] [data ".luisguacache.com.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dashboard.luisguacache.com"] [uri "/dashboard.luisguacache.com.sql"] [unique_id "akPE3W5_bnu72bOA-YadiQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 03:00:04
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:59:57.515096 2026] [security2:error] [pid 513:tid 663] [client 45.130.203.176:44987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stupidlikeyou.ceol.us"] [uri "/.git/HEAD"] [unique_id "akHfrQyfBrc4zbQ03T9UDAAAANc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 20:44:48
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:44:43.754588 2026] [security2:error] [pid 18195:tid 18195] [client 45.130.203.176:61687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dandksupply.com"] [uri "/.env.production"] [unique_id "akGHu2lMiCRK8m8GmYYo7QAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 08:41:22
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:41:16.709933 2026] [security2:error] [pid 22458:tid 22496] [client 45.130.203.176:25567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.internationalacademyofprojectmanagement.com"] [uri "/.env"] [unique_id "akDeLATSdVcQPpf2mG3vSwAAAZU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 04:27:42
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:27:35.959293 2026] [security2:error] [pid 13143:tid 13143] [client 45.130.203.176:42371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fireteam.faith"] [uri "/.git/HEAD"] [unique_id "akCit0Nr9y4B16H7UKA9cwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
boxed-it
2026-06-24 11:00:21
(1 week ago)
GET /.git/HEAD (Tarpitted for 2m10s, wasted 7.73kB)
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 06:09:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 02:09:05.493049 2026] [security2:error] [pid 28255:tid 28255] [client 45.130.203.176:21691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.shipps.nmorganist.org"] [uri "/.git/HEAD"] [unique_id "ajjRgTyCVuUaAQyn94_oDQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 04:59:45
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 00:59:41.215591 2026] [security2:error] [pid 28067:tid 28067] [client 45.130.203.176:46549] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.experimentalscene.com"] [uri "/.git/HEAD"] [unique_id "ajjBPSpuqO4MFBuTO1W_VAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 01:23:41
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.203.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:23:27.917606 2026] [security2:error] [pid 25700:tid 25719] [client 45.130.203.176:65239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.galleyline.pwrcoupling.com"] [uri "/.git/HEAD"] [unique_id "ajiOj1VE8Ve1NQpRda4mkwAAAFE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
lnklnx
2026-06-22 00:00:52
(1 week ago)
translate.lnklnx.com:80 45.130.203.176 - - [21/Jun/2026:19:00:50 -0500] "GET /.git/HEAD HTTP/1.1" 30 ...
show more
translate.lnklnx.com:80 45.130.203.176 - - [21/Jun/2026:19:00:50 -0500] "GET /.git/HEAD HTTP/1.1" 301 610 "-" "Python-urllib/3.10"
...
show less
Web App Attack