๐จ๐ฆ
1gz
2026-07-01 10:57:47
(6 hours ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET m ...
show more
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
yvoictra
2026-07-01 09:27:11
(8 hours ago)
Bloqueado automรกticamente por CrowdSec. Escenario: crowdsecurity/http-probing
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-01 07:18:13
(10 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127
Exploited Host
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-30 01:57:27
(1 day ago)
IM360 WAF: Laravel .env file access
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-29 21:34:49
(1 day ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 14:05:47
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 10:05:42.732616 2026] [security2:error] [pid 1005:tid 1005] [client 68.183.182.64:51318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sailyourkayak.com"] [uri "/.env"] [unique_id "akJ7tvJjSEN6_aKcDuzACgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 06:57:29
(2 days ago)
68.183.182.64 patrz.eu - [29/Jun/2026:08:57:27 +0200] "GET /.env HTTP/1.1" 301 0 "-" "Mozilla/5.0 (M ...
show more
68.183.182.64 patrz.eu - [29/Jun/2026:08:57:27 +0200] "GET /.env HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50"
...
show less
Hacking
Web App Attack
๐บ๐ธ
nyt
2026-06-29 01:08:24
(2 days ago)
Sensitive File Probe
Web App Attack
๐ง๐ช
voormedia
2026-06-29 00:59:24
(2 days ago)
Accessed trap at '/.env'
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-28 14:32:53
(3 days ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 07:52:57
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:52:50.725289 2026] [security2:error] [pid 20023:tid 20023] [client 68.183.182.64:61302] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hl-re.com"] [uri "/.env"] [unique_id "akDS0l3342WrEZ6DP3OgMgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ท
Francisco Carlos
2026-06-28 06:22:54
(3 days ago)
Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: env-leak. Sample: GET /.en ...
show more
Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: env-leak. Sample: GET /.env
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 02:09:06
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:09:01.983370 2026] [security2:error] [pid 3415:tid 3415] [client 68.183.182.64:64884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flyingdodopublications.com"] [uri "/.env"] [unique_id "akCCPWVrVVzio4jY5JouHwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 23:45:02
(3 days ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 22:55:12
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 68.183.182.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 18:55:05.436143 2026] [security2:error] [pid 6150:tid 6150] [client 68.183.182.64:60974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "johnedwardsconsulting.com"] [uri "/.env"] [unique_id "akBUySB54Ss_PSg3FXezgAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack