This IP address has been reported a total of
35
times from
22 distinct
sources.
63.182.239.48 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Automated: 15 requests with error status in 120s window from 63.182.239.48.
Evidence: /.env.swp:404, ...
show moreAutomated: 15 requests with error status in 120s window from 63.182.239.48.
Evidence: /.env.swp:404,/.env.tmp:404,/.env.bak:404,/.env.old:404,/.env.save:404,/.env.backup:404,/.env.staging:404,/.env.test:404,/.env.prod:404,/.env.dev:404,/.env.development:404,/.env.production:404,/.env.local:404,/.env:404,/config:404
show less
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show moreTriggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env.test
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
[TueJun3013:54:40.0308632026][security2:error][pid144799:tid144917][client63.182.239.48:0]ModSecurit ...
show more[TueJun3013:54:40.0308632026][security2:error][pid144799:tid144917][client63.182.239.48:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"essesolution.ch\"][uri\"/.env.local\"][unique_id\"akOugE93GguNj0U2AouTdgAAAQc\"]
show less